1064 users online (220 members and 844 guests)  


Websleuths News


Results 1 to 3 of 3
  1. #1
    Join Date
    Sep 2004
    Location
    Not Of This World
    Posts
    21,642

    Exclamation New Computer Trojan Horse Spreading: Trojan.Peacomm

    Discovered: January 19, 2007
    Updated: January 26, 2007 11:02:54 PM PST
    Also Known As: CME-711 [Common Malware Enumeration], TROJ_SMALL.EDW [Trend Micro], Small.DAM [F-Secure], Downloader-BAI [McAfee], Troj/Dorf-Fam [Sophos]
    Type: Trojan Horse
    Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


    Trojan.Peacomm is a Trojan horse that drops a driver program file to download additional security threats.

    Trojan.Peacomm reportedly arrives as an attachment to a spammed email with the following characteristics:

    Subject:

    One of the following:

    • A killer at 11, he's free at 21 and kill again!
    • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
    • British Muslims Genocide
    • Naked teens attack home director.
    • 230 dead as storm batters Europe.
    • Re: Your text
    • Radical Muslim drinking enemies's blood.
    • Chinese missile shot down Russian satellite
    • Chinese missile shot down Russian aircraft
    • Chinese missile shot down USA aircraft
    • Chinese missile shot down USA satellite
    • Russian missile shot down USA aircraft
    • Russian missile shot down USA satellite
    • Russian missile shot down Chinese aircraft
    • Russian missile shot down Chinese satellite
    • Saddam Hussein safe and sound!
    • Saddam Hussein alive!
    • Venezuelan leader: "Let's the War beginning".
    • Fidel Castro dead.

    Attachment:
    One of the following:

    • FullVideo.exe
    • Full Story.exe
    • Video.exe
    • Read More.exe
    • FullClip.exe
    • GreetingPostcard.exe
    • MoreHere.exe
    • FlashPostcard.exe
    • GreetingCard.exe
    • ClickHere.exe
    • ReadMore.exe
    • FlashPostcard.exe
    • FullNews.exe

    Notes:
    • Due to a substantial increase in activity, Symantec Security Response raised this threat to Category 3 on January 22, 2007.
    • An IPS signature named "BD Peacomm Trojan" was released on January 23, 2007 and is available for relevant products. Please apply the latest Security Updates for your product to receive this signature.
    • This threat may also be dropped by W32.Mixor.Q@mm.

    Further reading: Trojan.Peacomm: Building a Peer-to-Peer Botnet


    Protection

    • Virus Definitions (LiveUpdate™ Daily) January 19, 2007
    • Virus Definitions (LiveUpdate™ Weekly) January 22, 2007
    • Virus Definitions (Intelligent Updater) January 19, 2007
    • Virus Definitions (LiveUpdate™ Plus) January 19, 2007
    Threat Assessment

    Wild

    • Wild Level: High
    • Number of Infections: More than 1000
    • Number of Sites: More than 10
    • Geographical Distribution: Medium
    • Threat Containment: Easy
    • Removal: Moderate
    Damage

    • Damage Level: High
    • Payload: Downloads additional security threats.
    • Degrades Performance: Sent UDP packets may degrade performance.
    Distribution

    • Distribution Level: Low
    • Ports: UDP ports 4000, 7871 and 11271


    Writeup By: Masaki Suenaga, Mircea Ciubotarui

    http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-011917-1403-99&tabid=1


    Follow me on the Twitter! @EricDiesel1972

    Deuteronomy 18:10-12 (KJV)

    10 There shall not be found among you anyone who makes his son or his daughter pass through the fire, or one who practices witchcraft, or a soothsayer, or one who interprets omens, or a sorcerer, 11 or one who conjures spells, or a medium, or a spiritist, or one who calls up the dead. 12 For all who do these things are an abomination to the Lord. (KJV)

    Follow me at my Biblical Blog: http://scripture-demystified.blogspot.com

    Baruch ha Shem Adonai.

  2. #2
    Join Date
    Apr 2005
    Posts
    4,320
    Thanks for the warning!

    Does anyone know anything about the amaena.com virus (possibly called Winspyware?)? It's on my PC and I don't have a clue how I got it or how to get rid of it. It won't ruin the PC, from what I've read, but it sure does take the fun out of it. It just automatically closes down every window you have open, or has wild pop-ups that you have to keep exiting. It's a mess. Any help anyone can offer on how to get rid of it will be much appreciated.

  3. #3
    Join Date
    Sep 2004
    Location
    Not Of This World
    Posts
    21,642
    Quote Originally Posted by HeartofTexas
    Thanks for the warning!

    Does anyone know anything about the amaena.com virus (possibly called Winspyware?)? It's on my PC and I don't have a clue how I got it or how to get rid of it. It won't ruin the PC, from what I've read, but it sure does take the fun out of it. It just automatically closes down every window you have open, or has wild pop-ups that you have to keep exiting. It's a mess. Any help anyone can offer on how to get rid of it will be much appreciated.
    Do you run anti-spyare programs on a weekly basis? If not, go to www.download.com and download programs such as Ad-Aware, Spybot: Search and Destroy (my 2 favorites) or Hijack This! Then run them ASAP and then weekly afterwards. You would be SURPRISED how much crap they remove! And that should include your problem spyware.


    Follow me on the Twitter! @EricDiesel1972

    Deuteronomy 18:10-12 (KJV)

    10 There shall not be found among you anyone who makes his son or his daughter pass through the fire, or one who practices witchcraft, or a soothsayer, or one who interprets omens, or a sorcerer, 11 or one who conjures spells, or a medium, or a spiritist, or one who calls up the dead. 12 For all who do these things are an abomination to the Lord. (KJV)

    Follow me at my Biblical Blog: http://scripture-demystified.blogspot.com

    Baruch ha Shem Adonai.



Similar Threads

  1. Trojan Virus Alert From AVG
    By killarney rose in forum Forum Finesse
    Replies: 11
    Last Post: 11-05-2012, 10:35 AM
  2. Warning: Trojan horse found in old KC picture files
    By QuietStorm in forum Caylee Anthony 2 years old
    Replies: 11
    Last Post: 09-07-2009, 11:30 AM
  3. Free Trojan Scanner?
    By Jovin in forum Forum Finesse
    Replies: 15
    Last Post: 07-21-2007, 10:06 PM
  4. Spammed Trojan horse poses as CCTV picture of campus rapist
    By Beyond Belief in forum Up to the Minute
    Replies: 0
    Last Post: 06-16-2006, 12:58 PM