KEY POINTS:
The Storm worm botnet - responsible for plenty of global IT misery - seems to be getting chopped up for sale to cyber-dodgies.
Joe Stewart, a blogger at security specialist SecureWorks and expert on Storm, says the new variants are using a 40-byte key to encrypt their Overnet peer-to-peer traffic.
Each node can only communicate with nodes using the same key.
This, he wrote in a blog today, allows the Storm author to divide the botnet into smaller networks.
Stewart believes that this could be move towards selling Storm to other spammers as an 'end-to-end spam botnet system, complete with fast-flux DNS and hosting capabilities'.
"If that's the case, we might see a lot more of storm in the future," he wrote.
The new approach does make distinguishing Storm nodes on networks that allow P2P traffic an easier task for network admins.
The Storm Worm, according to best guesstimates based on results from Microsoft's malicious software removal tool's latest deployment, indicate there could be between one and 10 million infected PCs worldwide.
The recent MSRT, which is updated on a monthly basis, removed Storm-related malware from nearly 275,000 computers out of 2.6 million scanned.
Security specialists have been surprised at the relentless progress of Storm, which preys on P2P users and others, tricking them into clicking infected .exe files.
