Symantec Security Response recently raised the risk level of Trojan.Peacomm to a category 3 of a possible 5 threat levels, due to the speed and volume in which it is being aggressively spammed across the Internet. The Trojan, which was first spotted January 17, 2007 has been raised to a higher category following a sustained increase in new versions of the attack which appeared over the weekend as the malware author responded to improvements in protection made by s ecurity companies by adjusting his tactics.
Trojan.Peacomm is one of a number of spamming Trojan horse programs Symantec has seen lately that appear to originate from Russia and are clearly aimed at making money for the author by pumping up penny stocks. The victim is enticed through social engineering techniques to open an attachment, which typically appears to be a video clip on a recent, newsworthy event.
The email itself will have no message body, but will have one of several subject lines such as "A killer at 11, he's free at 21 and kill again!," "Fidel Castro Dead," "Re: Your Text." For a complete list of subject lines, please go to:
Symantec's new technology, Symantec Online Network for Advanced Response (SONAR), which is included in Norton AntiVirus and Norton Internet Security, helped to detect an increase in activity around supporting files dropped by Trojan.Peacomm early last week, before the threat was seen in the wild.
We will closely monitor further information related to this threat, and will provide updates and security content as necessary.