Storm Worm 'malware' spreading

TORONTO, Oct. 15 (UPI) -- Storm Worm, malicious software capable of stealing personal information, is spreading despite being flagged 10 months ago, U.S. computer-security experts say.

Once installed, the "malware" drafts the unwitting user's computer into a vast army of infected machines that can be remotely instructed to spread Storm Worm, shut down Web sites or pump out millions of spam e-mails promoting everything from stock market scams to sketchy pharmaceuticals -- usually without the user's knowledge, the Toronto Star reported.

The software could also soon be used to deliver sophisticated programs to computers that monitor keystrokes and steal confidential information such as online bank usernames and passwords, personal tax information and other information stores on a hard drive, Symantec Corp. Global Intelligence Network Director Dean Turner said.

The confidential data could then be transferred to a central computer server and sold to criminals, leaving little or no trail, he said.

Storm Worm is unique among malware since its purpose is not to create havoc and headlines, but to make its creators rich by quietly taking control of other people's machines, the newspaper said.

Storm Worm is estimated to have infected at least a million machines.