myITforum.com


Harry Waldron at myITforum.com

Sharing Security Developments, and Best Practices for corporate and home users

Storm Worm - Launched one year ago

During January 2007, one of Europe's worst winter storms was used as a lure to get people to view a "news release" being circulated by email. While the headlines were legitimate, many individuals were infected and their PCs joined a new P2P-based botnet that featured fast flux server techniques (where clients and servers change roles so rapidly that the true master servers cannot be found).

While most malware attacks recirculate older techniques or ideas, the Nuwar malware authors have been innovative in some of the technical aspects of the design (e.g., fast flux servers, rootkit infections, a P2P-based botnet, etc.). Each Storm Worm attack should be carefully watched, including e-card attacks that may surface around Valentine's Day or other holidays later this year.

Thanks to Microsoft's MSRT tool, which is part of the Patch Tuesday updates, the size of the botnet has been reduced as thousands of PCs have been cleaned. Still, the Storm Worm is expected to remain active for the foreseeable future.

Storm Worm - Launched one year ago
http://www.f-secure.com/weblog/archives/00001367.html
http://www.theregister.co.uk/2008/01/18/storm_worm_botnet/
http://blog.washingtonpost.com/securityfix/2008/01/unhappy_birthday_to_the_storm.html

Storm Worm overview
http://en.wikipedia.org/wiki/Storm_Worm

QUOTE: The Storm Worm malware (more properly known as a Trojan) strain first surfaced on 17 January 2007, in emails attempting to trick users into visiting maliciously-constructed websites under the guise of messages offering information about the storms ravaging Europe at the time.

Compromised machines, however they are infected, become zombie clients under the control of hackers. The Storm Worm was the first botnet client to be based on a peer-to-peer (P2P) command and control protocol, an approach that makes networks of compromised PCs far more difficult to shut down. Over the last year, the Storm Worm has infected millions of Windows machines around the world.
