Thursday, January 25, 2007

Trojan.Peacomm: I Was Right About Sinister Emails

Remember this post, in which I warned of suspicious-looking emails with the fascinating headlines and .exe attachments to be clicked?

Symantec (Norton Internet Security) has advised me of the following.


Symantec Security Response raised the risk level of Trojan.Peacomm from a category 2 out of 5, to a category 3 threat, due to the speed and volume in which it is being aggressively spammed across the Internet. The Trojan, which was first spotted January 17, 2007 has been raised to a higher category following a sustained increase in new versions of the attack which appeared over the weekend as the malware author responded to improvements in protection made by security companies by adjusting his tactics.

Trojan.Peacomm is one of a number of spamming Trojan horse programs Symantec has seen lately that appear to originate from Russia and are clearly aimed at making money for the author by pumping up penny stocks. The victim is enticed through social engineering techniques to open an attachment, which typically appears to be a video clip on a recent, newsworthy event.

The trojan horse arrives as an attachment to an email purporting to contain a video of one of several different recent news stories. The email itself will have no message body, but will have one of several subject lines such as "A killer at 11, he's free at 21 and kill again!," "Fidel Castro Dead," "Re: Your Text." For a complete list of subject lines, please click here.


Well, one of the spams I got claimed to have a video proving that Saddam Hussein was actually alive today! Those Russkies must think that we're stupid and guillible enough to fall for such an obvious scam!

Guess I wasn't specifically targeted after all. It's a widely-distributed trojan horse.