Symantec AntiVirus Virus Alerts & Advisories

Print This Page

Administrative Applications

Clinical Applications

Enterprise Services

Student Services

Support

Teaching & Learning

Current Virus Alerts and Virus Advisories

Current Virus Alerts

Previous Virus Alerts

Alerts: reported at Johns Hopkins
Advisories: reported by Symantec as widespread

(View the Johns Hopkins blocked host list)

Virus Alert! - 22 January 2007 - Trojan.Peacomm

Description and Impact. Symantec has issued a "Category 3" (moderate) alert about this trojan horse threat due to substantially increased activity, although at this point, no reports have been received from within the Institution.

The threat arrives within e-mail spam as an executable e-mail attachment which, when executed, will install and launch a malicious Windows service. The service opens UDP ports 4000 and 7871 to exchange information with malware hosts, and download additional security threats to the infected system.

Mitigating factors in our environment are that our e-mail relays do not allow attachments with an .EXE file extension, making it more difficult for this threat to infiltrate; also the latest Symantec virus definitions (dated 1/21/2007, rev.9) already detect this threat.

Possible E-mail Subject Lines

A killer at 11, he's free at 21 and kill again!
U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
British Muslims Genocide
Naked teens attack home director.
230 dead as storm batters Europe.
Re: Your text
Radical Muslim drinking enemies's blood.
Chinese missile shot down Russian satellite
Chinese missile shot down Russian aircraft
Chinese missile shot down USA aircraft
Chinese missile shot down USA satellite
Russian missile shot down USA aircraft
Russian missile shot down USA satellite
Russian missile shot down Chinese aircraft
Russian missile shot down Chinese satellite
Saddam Hussein safe and sound!
Saddam Hussein alive!
Venezuelan leader: "Let's the War beginning".
Fidel Castro dead.

Possible Attachment File Names

FullVideo.exe
Full Story.exe
Video.exe
Read More.exe
FullClip.exe
GreetingPostcard.exe
MoreHere.exe
FlashPostcard.exe
GreetingCard.exe
ClickHere.exe
ReadMore.exe
FlashPostcard.exe
FullNews.exe

Prevention and Removal. Symantec virus definitions dated January 21, 2007, rev. 9 will detect and prevent infection from the trojan. These definitions have already been distributed to systems on Enterprise and Desktop Computing Services managed Symantec systems. No Symantec removal tool is yet available, but manual removal instructions are listed on Symantec's site for the threat in the link above prefacing this article.

AntiVirus Home

Virus Alerts

Downloads

Automatic Symantec Virus Definition Updates

Enterprise Symantec AntiVirus Daily Report Request

Information Security

Blocked IP List

Untitled Document