NOW READ THIS
("Security Advisory")
Go Back
Submitted by: Bill Hickey & Rob Rude
NRT-0012 Raging Storm Worm:
Computer virus writers began using the lure of breaking news on raging European storms on 19JAN in a well-executed operation to infiltrate and set up covert backdoor control of thousands of computers. The worm, which the security firm F-Secure has called "Storm Worm" has been sent via email to hundreds of thousands of addresses around the world with the subject line: "230 dead as storm batters Europe." The worm is contained in an attachment to the email. Thousands of private computers have been affected by the virus, but most users will never notice because the malware creates a backdoor to their computer which can be exploited later to steal data or incorporate the computer into a botnet.
"Storm Worm" a.k.a. Trojan.Peacomm [Symantec], CME-711 [Common Malware Enumeration], TROJ_SMALL.EDW [Trend Micro], Small.DAM [F-Secure], Downloader-BAI [McAfee], Troj/Dorf-Fam [Sophos], is spreading rapidly through the internet. Symantec® has raised its "threat rating" on Peacomm to a category 3.
AV companies are working feverishly to battle the worm's authors. The authors of this Trojan tweaked it over the weekend in response to the first virus signature updates released by the AV companies.
Symantec claims that this is the biggest "outbreak" since Sober.O appeard in May, 2005. Symantec claims to be receiving around 3,500 messages each minute with Peacomm attachments. This is a real firefight.
Read the latest from Symantec's "Security Response Weblog":
Trojan.Peacom: Building a Peer-to-Peer Botnet
"Storm Trojan" Outbreak - A Spam-centric ViewGENERAL QUARTERS - Man your Battle Stations, Firewalls Up, SCAN your systems... You ARE part of the Information "WARFARE" community whether you volunteered or not.
Last Modified: Thursday, 25-Jan-2007 15:38:45 EST