Virus Threat - Trojan.Peacomm (copy from Symantec)

Trojan.Peacomm is one of a number of spamming Trojan horse programs Symantec has seen lately that appear to originate from Russia and are clearly aimed at making money for the author by pumping up penny stocks. The victim is enticed through social engineering techniques to open an attachment, which typically appears to be a video clip on a recent, newsworthy event.

The trojan horse arrives as an attachment to an email purporting to contain a video of one of several different recent news stories. The email itself will have no message body, but will have one of several subject lines such as "A killer at 11, he's free at 21 and kill again!," "Fidel Castro Dead," "Re: Your Text." For a complete list of subject lines

•   * A killer at 11, he's free at 21 and kill again!
•   * U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
•   * British Muslims Genocide
•   * Naked teens attack home director.
•   * 230 dead as storm batters Europe.
•   * Re: Your text
•   * Radical Muslim drinking enemies's blood.
•   * Chinese missile shot down Russian satellite
•   * Chinese missile shot down Russian aircraft
•   * Chinese missile shot down USA aircraft
•   * Chinese missile shot down USA satellite
•   * Russian missile shot down USA aircraft
•   * Russian missile shot down USA satellite
•   * Russian missile shot down Chinese aircraft
•   * Russian missile shot down Chinese satellite
•   * Saddam Hussein safe and sound!
•   * Saddam Hussein alive!
•   * Venezuelan leader: "Let's the War beginning".
•   * Fidel Castro dead.

Attachment:

One of the following:

•   * FullVideo.exe
•   * Full Story.exe
•   * Video.exe
•   * Read More.exe
•   * FullClip.exe
•   * GreetingPostcard.exe
•   * MoreHere.exe
•   * FlashPostcard.exe
•   * GreetingCard.exe
•   * ClickHere.exe
•   * ReadMore.exe
•   * FlashPostcard.exe
•   * FullNews.exe

What is a Trojan Horse?

This term "Trojan Horse" comes from a Greek fable, in which the Greeks presented a giant wooden horse to the Trojans as a peace offering. However, a nasty surprise awaited the Trojans as Greek soldiers sprung out of the hollow horse and captured Troy. Similarly, a Trojan horse program presents itself as a useful computer program, while it actually causes havoc and damage to your computer.

Increasingly, Trojans are the first stage of an attack and their primary purpose is to stay hidden while downloading and installing a stronger threat such as a bot. Unlike viruses and worms, Trojan horses cannot spread by themselves. They are often delivered to a victim through an email message where it masquerades as an image or joke, or by a malicious website, which installs the Trojan horse on a computer through vulnerabilities in web browser software such as Microsoft Internet Explorer.

After it is installed, the Trojan horse lurks silently on the infected machine, invisibly carrying out its misdeeds, such as downloading spyware, while the victim continues on with their normal activities.