Welcome, Guest.
Please login or register.

Welcome to the E-Blah Community!
We would like to welcome you to our community and invite you to register an account or login.
Being a registered member is important, as it gives you several advantages over the normal Guest status. After registering you will be able to download files and images, post messages, and access member-only portions of the forum - just to name a few. Registration is quick and simple, and only takes about a minute of your time.

E-Blah Community    General Discussion    Chit - Chat  ›  Beware of the rapidly spreading Trojan.Peacomm
Users Browsing Forum
No Members and 1 Guests

Beware of the rapidly spreading Trojan.Peacomm  This thread currently has 1,032 views. Print
1 Pages 1 Recommend Thread
pcmantinker
January 22, 2007, 4:44pm Report to Moderator Report to Moderator

It's not what is seen that matters, it's character
Forum Support Team
Posts: 486
Gender: Male
Posts Per Day: 0.25
Reputation: 100.00%
Reputation Score: +11 / -0
Time Online: 3 days 22 hours 25 minutes
Location: Covington, LA
Age: 21
Hi,

I got a message from my Norton Antivirus saying that I was unprotected from the rapidly spreading Trojan.Peacomm. I tried getting the update to get protected from their live update server, but the requests were full.

For those of you who have Norton Antivirus, you can download the necessary updates at this link http://securityresponse.symantec.com/avcenter/defs.download.html. I don't know if Mcafee has released a patch for this yet as the trojan was created a few days ago on the 19th. Please don't let this infect your machine!

Here is a description of the trojan as written by Symantec:
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-011917-1403-99
Quoted Text

Discovered: January 19, 2007
Updated: January 22, 2007 04:04:42 PM GMT
Also Known As: CME-711 [Common Malware Enumeration], TROJ_SMALL.EDW [Trend Micro], Small.DAM [F-Secure], Downloader-BAI [McAfee], Troj/Dorf-Fam [Sophos]
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP


Trojan.Peacomm is a Trojan horse that drops a driver program file to download additional security threats.

Trojan.Peacomm reportedly arrives as an attachment to a spammed email with the following characteristics:

Subject:
One of the following:

    * A killer at 11, he's free at 21 and kill again!
    * U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
    * British Muslims Genocide
    * Naked teens attack home director.
    * 230 dead as storm batters Europe.
    * Re: Your text
    * Radical Muslim drinking enemies's blood.
    * Chinese missile shot down Russian satellite
    * Chinese missile shot down Russian aircraft
    * Chinese missile shot down USA aircraft
    * Chinese missile shot down USA satellite
    * Russian missile shot down USA aircraft
    * Russian missile shot down USA satellite
    * Russian missile shot down Chinese aircraft
    * Russian missile shot down Chinese satellite
    * Saddam Hussein safe and sound!
    * Saddam Hussein alive!
    * Venezuelan leader: "Let's the War beginning".
    * Fidel Castro dead.


Attachment:
One of the following:

    * FullVideo.exe
    * Full Story.exe
    * Video.exe
    * Read More.exe
    * FullClip.exe
    * GreetingPostcard.exe
    * MoreHere.exe
    * FlashPostcard.exe
    * GreetingCard.exe
    * ClickHere.exe
    * ReadMore.exe
    * FlashPostcard.exe
    * FullNews.exe


Note: Due to a substantial increase in activity, Symantec Security Response raised this threat to category 3 on January 22, 2007.

Further reading: Trojan.Peacomm: Building a Peer-to-Peer Botnet


Protection

    * Virus Definitions (LiveUpdate™ Daily) January 19, 2007
    * Virus Definitions (LiveUpdate™ Weekly) January 22, 2007
    * Virus Definitions (Intelligent Updater) January 19, 2007
    * Virus Definitions (LiveUpdate™ Plus) January 19, 2007

Threat Assessment
Wild

    * Wild Level: High
    * Number of Infections: More than 1000
    * Number of Sites: More than 10
    * Geographical Distribution: Medium
    * Threat Containment: Easy
    * Removal: Moderate

Damage

    * Damage Level: High
    * Payload: Downloads additional security threats.
    * Degrades Performance: Sent UDP packets may degrade performance.

Distribution

    * Distribution Level: Low
    * Ports: UDP port 4000, UDP port 7871

Writeup By: Masaki Suenaga of Symantec


IGA: International Gamers' Alliance: http://www.iga-home.net/
Social Networking Website for Gamers

Life is so much better sober.
For it is by grace you have been saved, through faith—and this not from yourselves, it is the gift of God—[Eph 2:8]
Logged Offline
Site Site Private Message Private message AIM AIM YIM YIM Windows Live Messenger WLM Skype Skype
samwilcox
January 30, 2007, 9:15am Report to Moderator Report to Moderator

E-Blah Member
Posts: 4
Gender: Male
Posts Per Day: 0.00
Time Online: 1 days 10 hours 49 minutes
Location: Boise, ID
Age: 30
Thanks for the heads up. I wish people wouldn't create the mean viruses.  


Sam Wilcox
[email protected]
Logged Offline
Site Site Private Message Private message AIM AIM YIM YIM Windows Live Messenger WLM Skype Skype Reply: 1 - 1
1 Pages 1 Recommend Thread
Print

E-Blah Community    General Discussion    Chit - Chat  ›  Beware of the rapidly spreading Trojan.Peacomm

© 2001-2008 E-Blah
About Us - Contact