A few AV vendors (e.g., McAfee, F-Secure) have been successful in penetrating some of the complex security of the botnet. This complex attack features a unique "fast flux" P2P client/server design. Authorities trying to track down and arrest these malware writers may now know the specific individuals who are behind the Storm Worm. If the authors are found and arrested, that would be the most suitable way to stop this complex attack.
QUOTE: American and Russian law enforcement agencies have finally identified the criminals behind the Storm worm, one of the nastiest pieces of malware to ever hit the Internet.
Now comes the hard part: arresting them. The exact number of people involved as well as their identities aren't being released while Russian authorities wind their way through multiple diplomatic, law enforcement and government channels.
Storm has been one of the toughest worms to eradicate because it was crafted so well. It mutates every 30 minutes, making it impossible for signature-based antivirus products to catch it, and there are no central command and control servers to take out like most other worms.
Alperovitch said the group responsible for creating Storm is based in St. Petersburg, a city that seems to be a magnet for computer criminals. Other gangs are based there, including the creators of the MPack malware development kit. St. Petersburg was also the home of the Russian Business Network, an Internet service provider that hosted all kinds of malware ...