Wednesday, January 07, 2009
 
 
VIRUS ALERT!

As of April 12, 2007, Symantec Security Response is monitoring a massive surge of email spam containing the threat Trojan.Peacomm (also known as Storm Trojan). This threat was originally discovered in January 2007 but has been repackaged in this particular spam surge.

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

Trojan.Peacomm!zip is a detection for password-protected .zip files containing executable files infected by the Trojan.Peacomm family.

The password-protected .zip files reportedly may be sent as attachments in email spam. The email may have the following characteristics:

Subject:
One of the following:

· Worm Detected!
· Virus Detected!
· Virus Activity Detected!
· ATTN!
· Spyware Alert!
· Spyware Detected!
· Warning!
· Trojan Alert!
· Trojan Detected!
· Worm Activity Detected!
· Virus Alert!


Attachments:
One of the following:

· patch-[RANDOM 4 DIGITS].zip
· removal-[5 RANDOM DIGITS].zip
· hotfix-[5 RANDOM DIGITS].zip
· bugfix-[5 RANDOM DIGITS].zip

Recommendations

Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":

· Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have fewer avenues of attack and you have fewer services to maintain through patch updates.

· If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.

· Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites.

· Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.

· Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.

· Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.

· Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
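The subject lines and attachment names listed above, combined with the recommendation to filter attachments at the mail server, can be expressed as a gateway check. This is an added example, not Symantec's or this site's code; the function names, the quarantine rule (subject and filename both match) and the sample message builder are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators copied from the alert above.
SUBJECTS = {
    "worm detected!", "virus detected!", "virus activity detected!", "attn!",
    "spyware alert!", "spyware detected!", "warning!", "trojan alert!",
    "trojan detected!", "worm activity detected!", "virus alert!",
}
# patch- takes 4 digits, the other prefixes 5, as the alert lists them.
ATTACHMENT_RE = re.compile(r"(patch-\d{4}|(removal|hotfix|bugfix)-\d{5})\.zip", re.I)

def zip_is_encrypted(data: bytes) -> bool:
    """True if any member has the 'encrypted' general-purpose flag (bit 0) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False

def score_message(raw: bytes) -> dict:
    """Report which of the alert's indicators a raw email message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = (msg["Subject"] or "").strip().lower()
    hits = {"subject": subject in SUBJECTS, "filename": False, "encrypted_zip": False}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if ATTACHMENT_RE.fullmatch(name):
            hits["filename"] = True
            hits["encrypted_zip"] |= zip_is_encrypted(part.get_payload(decode=True) or b"")
    # Assumed policy: quarantine when subject and attachment name both match.
    hits["quarantine"] = hits["subject"] and hits["filename"]
    return hits

def build_sample(subject: str, filename: str, encrypted: bool) -> bytes:
    """Constructed test message; the zip holds harmless text only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(zipfile.ZipInfo("readme.txt"), "constructed sample")
    data = bytearray(buf.getvalue())
    if encrypted:  # set bit 0 of the flags field in the central directory entry
        data[data.index(b"PK\x01\x02") + 8] |= 0x1
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = subject, "a@example.com", "b@example.com"
    msg.set_content("See attachment.")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename=filename)
    return msg.as_bytes()
```

The `encrypted_zip` field is reported separately because a password-protected archive cannot be opened by a content scanner, so the gateway has only the subject and filename to go on.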

 


Author: Bold Admin
Date posted: 4/16/2007

 
 
Copyright 2007 by Bold Mouse IT Solutions. All rights reserved.