Symantec Battens Down the Hatches

January 23rd, 2007: Symantec has bumped up the threat-o-meter to level three in response to a rapid increase in “Storm Worm” (Trojan.Peacomm) spamming around the world.

Reports of the Trojan began appearing on January 17 this year, however, its risk rating is being increased as according to Symantec, there has been a sustained increase in new version of the attack as the Trojan’s author adjusted tactics in response to protection improvements made by security firms.

Trojan.Peacomm has been designed to help its author profit by pumping up penny stocks in the US. Symantec says that the worm has been arriving in emails featuring news clips. Clicking infects the computer which is then used to connect to a remote address and begin sending high volume bursts of spam with an average 3,500 messages sent per minute.

Apart from raising the security level, Symantec is also plugging its new layer of defence, the Symantec Online Network for Advanced Response (SONAR). Apart form enjoying an acronym that is marketing dynamite, Symantec says SONAR helped to detect an increase in activity around the supporting files dropped by Trojan.Peacomm, identifying the threat before it was “seen in the wild.”

As usual, the virus and its rapid proliferation are being blamed on Russian malware authors and user gullibility respectively, prompting Symantec to again warn against clicking on attachments in unsolicited emails such as this.

Comment on this story