SOURCE: Cloudmark, Inc.

January 22, 2007 07:00 ET

Cloudmark Stops "Storm" Worm 6-20 Hours Before Traditional Anti-Virus Providers

Stops Hackers Taking Advantage of Bad Weather With "Storm Worm" "Snow Worm" "Storm in Europe" Virus

SAN FRANCISCO, CA -- (MARKET WIRE) -- January 22, 2007 -- Cloudmark, Inc., the proven leader in real-time messaging security, stopped the "storm" virus a full 6 to 20 hours before all other anti-virus firms. Targeting hundreds of thousands of computers globally, the worm touted the numbers of people lost to European snow storms. Cloudmark saw -- and stopped -- the virus yesterday at 2:00 PM PST, a full six hours sooner than the nearest competitor and up to 20 hours faster than some.

In light of the "storm worm's" aggressive propagation rate, company researchers say a significantly higher number of individuals would have been hit and service provider storage space severely compromised had Cloudmark not stopped the virus so quickly. Initial theories point to a large amount of seeding before the virus was turned on, probably done as an attempt to thwart traffic-based analysis.

With these new classes of rapidly proliferating viruses, fast response time is critical to an effective anti-virus strategy. Vipul Ved Prakash, Cloudmark's founder and chief scientist, said, "Networks that were not protected by Cloudmark were definitely affected by this virus. Every minute that a new virus is allowed to propagate across the network widens the service provider's window of vulnerability significantly. This means that exponentially more subscribers are impacted which leads to service degradation and customer dissatisfaction."

Intelligent Message Fingerprinting for Viruses

Cloudmark Authority Anti-Virus™ is able to block new viruses, worms and mutated threats faster than traditional or other "zero-hour" AV solutions by virtue of Cloudmark's unique intelligent message fingerprinting algorithms. These algorithms generate fingerprints on messages and attachments for real-time identification of viruses and other threats. Cloudmark AV fingerprints are resistant to viral mutations so viruses that have "morphed" in form (for example, changes in text, code, URL, sender and image) are also detected. If a single message is found containing a verified virus fingerprint, it is blocked within seconds.

Cloudmark's approach contrasts dramatically with systems that rely on rules or heuristics that tend to be time and resource consuming, or pattern detection that actually requires witnessing a certain volume of incidents to spread before starting to block. Cloudmark Authority Anti-Virus does not need to detect a large number of attacks to begin blocking. It also does not require manual intervention or endless rules writing. Cloudmark Authority Anti-Virus stops viruses and their variants before traditional and even other "zero-hour" solutions, narrowing the service provider's window of vulnerability significantly.

About Cloudmark

Cloudmark, Inc. delivers the industry's fastest and most accurate anti-spam, anti-phishing, and anti-virus solutions. Founded in 2001 by pioneers in messaging anti-abuse, Cloudmark architected an innovative approach combining intelligent message fingerprinting with the world's largest real-time threat detection network. Cloudmark solutions protect more than 180 million mailboxes and 60+ ISP networks worldwide with customers and partners including NTT Communications, Time Warner, Cox Communications, Charter Communications, Vodafone, and SUN. A privately held, San Francisco-based company, Cloudmark's comprehensive portfolio addresses the unique needs of Service Provider, enterprise and desktop users. For more information about Cloudmark, visit

Contact Information

  • Media contact:
    Liza Kurtz
    Strategies Ink
    Email Contact