Security company raises risk level of "Storm Worm"

The last time a threat spread with such speed was Sober.O in May 2005, says Symantec

Symantec Security Response has raised the risk level of Trojan.Peacomm, also referred to as “Storm Worm”, to a category 3 threat, says the company.

The Trojan was first spotted on January 17, but over the weekend, new versions of the attack kept increasing. Symantec says that the malware author has adjusted his or her tactics in response to the measures taken by security companies to improve protection. The threat has been raised to a higher category because of the speed at which it is spreading across the internet.

Trojan.Peacomm appears to originate from Russia, says Symantec. The victim is encouraged to open an attachment, which typically appears to be a video clip on a recent, newsworthy event.

Trojan.Peacomm has been arriving in emails claiming to contain a video clip with a variety of subjects including “230 dead as storm batters Europe” and “British Muslims Genocide.” Once users click on the attachment the computer will become infected with the Trojan which will attempt to connect to a remote address and ultimately begin using the infected host to send big volumes of spam. Symantec’s labs have observed an average of 3,500 sent spam messages per minute.

The last time malicious software spread this quickly was in May 2005, when the Sober.O mass-mailling worm affected a similar number of systems, says Symantec.

The "Storm Worm" attacks demonstrate that the old and simple technique of relying on end-user weakness still works.

The latest versions of the worm include similarly provocative news headlines and malicious attachments, but the criminals have added a twist over the past few days: the text of the email messages now contains glowing reviews of penny stocks, apparently designed to fuel "pump and dump" stock scams, says Symantec.

Some of the email messages have also been changed to prey on the romantic, warns security vendor F-Secure. Recent versions of these Trojan emails have contained subject lines such as "A Bouguet of Love," "A Day in Bed Coupon," or "A Monkey Rose for You."

Additional reporting by Robert McMillan.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags symantectrojanworm

Show Comments