Boatmad.com


Old 20-01-2007, 12:30 PM   #1
jw.
Registered User
 
jw.'s Avatar
 
Location: Scotland
Interests: Hole maker
Boat make: Humber Ocean Offshore
Engines: KAD 300/DPX

Join Date: Mar 2004
Location: Scotland
Posts: 954
Trojan warning

I got this email from Symantec this morning...

"As of January 19, 2007, Symantec Security Response is advising users to be cautious of any unsolicited email which contains attachments that claim to be legitimate or interesting, due to a recent trojan horse named Trojan.Peacomm. The Trojan horse arrives as an attachment to an email purporting to contain a video of one of several different recent news stories. The attachment may be one of the following: FullVideo.exe, FullStory.exe, Video.exe, ReadMore.exe, FullClip.exe.

The attachment is actually a trojan horse that will install itself on the system and download other malicious programs from various computers on the Internet. The attachment and the trojan horse it contains will be detected as Trojan.Peacomm. Other malicious programs that are commonly downloaded by this threat include Trojan.Abwiz.F and W32.Mixor.Q@mm.

Once installed and running, this threat attempts to establish communication with other infected systems on the Internet via a custom peer-to-peer network. This network is used as the distribution source from which the other malicious programs are downloaded. "
__________________
JW.
jw. is offline   Reply With Quote
Old 20-01-2007, 12:43 PM   #2
Registered User
 

Join Date: Mar 2004
Posts: 6,862
http://www.symantec.com/security_res...011917-1403-99
Matt is offline   Reply With Quote
Old 20-01-2007, 05:45 PM   #3
djb
Registered User
 
djb's Avatar
 
Country: uk
Location: blackpool
Interests: boats/sportsbikes
Boat make: fletcher gto
Engines: merc 200
Cruising area: wyre estuary

Join Date: Oct 2005
Location: blackpool
Posts: 114
I have been sent 2 of these already, both with a headline about terrorism. Fortunately I deleted both of them before downloading.
djb is offline   Reply With Quote
Old 20-01-2007, 07:55 PM   #4
Chief C*nt!
 
Johnny Rocket's Avatar
 
Country: United Kingdom
Location: Brighton
Occupation: Sparkler prefect
Interests: Boats
Boat make: Other people's mostly

Join Date: Mar 2004
Location: Brighton
Posts: 871
I've had about a dozen. The subject lines are clever and make it tempting to click on the attachment. I reckon that a lot of people will be caught by it!
Johnny Rocket is offline   Reply With Quote
Old 20-01-2007, 08:24 PM   #5
1up
Registered User
 
1up's Avatar
 
Country: uk
Location: Bristol area
Occupation: Electrician
Interests: mmm stella
Boat make: 16 reiver
Engines: mercury 125 optimax
Cruising area: Lyme Bay

Join Date: Mar 2006
Location: Bristol area
Posts: 344
always be wary of anything***.exe
1up is offline   Reply With Quote
Old 23-01-2007, 11:44 AM   #6
jw.
Registered User
 
jw.'s Avatar
 
Location: Scotland
Interests: Hole maker
Boat make: Humber Ocean Offshore
Engines: KAD 300/DPX

Join Date: Mar 2004
Location: Scotland
Posts: 954
I got this email from Symantec this morning. They are clearly taking this threat seriously.

Protection Update
Today Symantec Security Response raised the risk level of Trojan.Peacomm to a category 3 threat, due to the speed and volume in which it is being aggressively spammed across the Internet.

The Trojan, which was first spotted January 17, 2007 has been raised to a higher category following a sustained increase in new versions of the attack which appeared over the weekend as the malware author responded to improvements in protection made by security companies by adjusting his tactics.

Trojan.Peacomm is one of a number of spamming Trojan horse programs Symantec has seen lately that appear to originate from Russia and are clearly aimed at making money for the author by pumping up penny stocks. The victim is enticed through social engineering techniques to open an attachment, which typically appears to be a video clip on a recent, newsworthy event.

The email itself will have no message body, but will have one of several subject lines such as "A killer at 11, he's free at 21 and kill again!," "Fidel Castro Dead," "Re: Your Text." For a complete list of subject lines, please visit Symantec.
__________________
JW.
jw. is offline   Reply With Quote
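As an added illustration (not part of the original thread and not Symantec's code), a mail-triage check built from the indicators quoted in posts #1 and #6: the five attachment names, the three subject lines and the empty message body. The function names, the extra extension list and the sample messages are assumptions constructed for this example.

```python
from email import message_from_string
from email.message import EmailMessage

# Attachment names and subject lines quoted in the Symantec notices above.
ADVISORY_NAMES = {"fullvideo.exe", "fullstory.exe", "video.exe",
                  "readmore.exe", "fullclip.exe"}
ADVISORY_SUBJECTS = {"a killer at 11, he's free at 21 and kill again!",
                     "fidel castro dead", "re: your text"}
# Assumption: a generic list of directly executable Windows extensions.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def triage(raw):
    """Return the reasons a raw RFC 5322 message matches the described spam."""
    msg = message_from_string(raw)
    reasons, has_text_body = [], False
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").strip().lower()
        if name:
            if name in ADVISORY_NAMES:
                reasons.append(f"advisory attachment name: {name}")
            elif name.endswith(EXECUTABLE_EXTS):
                reasons.append(f"executable attachment: {name}")
        elif part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            has_text_body = has_text_body or bool(payload.strip())
    # Collapse header folding and case before comparing subject lines.
    subject = " ".join((msg.get("Subject") or "").split()).lower()
    if subject in ADVISORY_SUBJECTS:
        reasons.append("advisory subject line")
    # An empty body only counts when something else already looks wrong.
    if reasons and not has_text_body:
        reasons.append("no message body")
    return reasons


def build_sample(subject, body, attachment=None):
    """Constructed test message; the attachment bytes are a harmless placeholder."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content(body)
    if attachment:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_string()


if __name__ == "__main__":
    print(triage(build_sample("Fidel Castro Dead", "", "FullVideo.exe")))
    print(triage(build_sample("Trip photos", "See you Sunday.", "harbour.jpg")))
```

The match is on the attachment's declared filename only, so a renamed or archived copy would need content inspection as well.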
Old 23-01-2007, 12:16 PM   #7
Registered User
 

Join Date: Mar 2004
Posts: 6,862
I've not used Outlook for years now so dunno what its spam protection is like these days. However, I've been using Gmail for a long time and its antispam is pretty damn good - mebbe get 1 mail a month that goes the wrong way.

Also, on the AV front I've ditched Norton. Found some scenarios where it failed, which bearing in mind it's a very heavy programme, I was unimpressed. Have switched to JF's recommendation of AVG and am very impressed.
Matt is offline   Reply With Quote
Old 23-01-2007, 12:21 PM   #8
jw.
Registered User
 
jw.'s Avatar
 
Location: Scotland
Interests: Hole maker
Boat make: Humber Ocean Offshore
Engines: KAD 300/DPX

Join Date: Mar 2004
Location: Scotland
Posts: 954
Quote:
Originally Posted by Matt View Post
Have switched to JF's recommendation of AVG and am very impressed.
Yeh, Norton is a load on the system. Giz details of AVG... Does it support immediate fixes for threats like this one?
__________________
JW.
jw. is offline   Reply With Quote
Old 23-01-2007, 12:37 PM   #9
numbskull
 
Jon Fuller's Avatar
 
Country: United Kingdom
Location: South
Occupation: none
Interests: none
Boat name: Leviathan
Boat make: Phantom 28
Cruising area: South Coast

Join Date: Mar 2004
Location: South
Posts: 15,956
Did you go for the free version, or commercial version?

If you chose to pay, did you go for the full 'internet security', or just the anti virus?

What's the general thoughts on Microshaft's own firewall within XP?

I think I'm going to upgrade to the commercial version (despite licking my wounds this morning, as I write cheques for my VAT return '&' January 31 Tax return), but am not sure if I should be going for the whole hog, or just AV.

Opinions please??

JF

Quote:
Originally Posted by Matt View Post
I've not used Outlook for years now so dunno what its spam protection is like these days. However, I've been using Gmail for a long time and its antispam is pretty damn good - mebbe get 1 mail a month that goes the wrong way.

Also, on the AV front I've ditched Norton. Found some scenarios where it failed, which bearing in mind it's a very heavy programme, I was unimpressed. Have switched to JF's recommendation of AVG and am very impressed.
__________________
.

"I Agree with everything you say really!" - John Cooke to Jon Fuller - 26-01-2013
Jon Fuller is offline   Reply With Quote
Old 23-01-2007, 12:56 PM   #10
Registered User
 

Join Date: Mar 2004
Posts: 6,862
I'm on the free one at the mo. The free AV seems pretty good, but obviously doesn't have the auto anti spyware bit. I keep meaning to go commercial, just haven't got around to it yet.

jw. Yeh, auto downloads updates as often as they're made available, which is often daily.
Matt is offline   Reply With Quote
Old 23-01-2007, 04:19 PM   #11
Registered User
 
Rupert Munro's Avatar
 
Country: England
Location: London
Interests: Extreme Sports, Cars, Boats

Join Date: Aug 2005
Location: London
Posts: 503
Does anyone know if you can still get the fully free copy of AVG - downloaded the current version the other day and it says I only have 30 days of trial then have to pay?
Rupert Munro is offline   Reply With Quote
Old 23-01-2007, 04:55 PM   #12
Registered User
 

Join Date: Mar 2004
Posts: 6,862
When I installed mine the 30 day trial applied to the antispam product only.
Matt is offline   Reply With Quote
Old 23-01-2007, 05:06 PM   #13
Registered User
 
Rupert Munro's Avatar
 
Country: England
Location: London
Interests: Extreme Sports, Cars, Boats

Join Date: Aug 2005
Location: London
Posts: 503
Maybe it's just for that then - will check, thanks
Rupert Munro is offline   Reply With Quote
Old 23-01-2007, 06:20 PM   #14
Chief C*nt!
 
Johnny Rocket's Avatar
 
Country: United Kingdom
Location: Brighton
Occupation: Sparkler prefect
Interests: Boats
Boat make: Other people's mostly

Join Date: Mar 2004
Location: Brighton
Posts: 871
Quote:
Originally Posted by Rupert Munro View Post
Does anyone know if you can still get the fully free copy of AVG - downloaded the current version the other day and it says I only have 30 days of trial then have to pay?
Looks like they've discontinued the free version. My longstanding "free" versions are now popping up messages to say that from next month I'll have to pay.
Johnny Rocket is offline   Reply With Quote
Old 23-01-2007, 06:24 PM   #15
Registered User
 

Join Date: Mar 2004
Posts: 6,862
Gutted, I'll have to spend some money.
Matt is offline   Reply With Quote
Old 23-01-2007, 06:44 PM   #16
Registered User
 

Join Date: Mar 2004
Posts: 6,862
Looks like AVG 7.1 was the one available for "free" and is still supported with free virus defs etc, so ya can still have a free AV solution. I almost certainly have the installer I can distribute if ya want it.
Their anti spyware product is pretty good too (better than ad-aware & spybot IMVHO)

jw - regarding firewalls, how is your home network configured? ie ADSL, NTL, router, hub, wireless etc?
Matt is offline   Reply With Quote
Old 23-01-2007, 07:21 PM   #17
jw.
Registered User
 
jw.'s Avatar
 
Location: Scotland
Interests: Hole maker
Boat make: Humber Ocean Offshore
Engines: KAD 300/DPX

Join Date: Mar 2004
Location: Scotland
Posts: 954
Quote:
Originally Posted by Matt View Post
jw - regarding firewalls, how is your home network configured? ie ADSL, NTL, router, hub, wireless etc?
BT line>modem>DSL router(wireless + LAN)>LAN to main computer and wireless to laptop.

Norton Anti Virus and Internet Security firewall. Emails on an external site rather than Outlook.

Reason?
__________________
JW.
jw. is offline   Reply With Quote
Old 23-01-2007, 08:53 PM   #18
Registered User
 

Join Date: Mar 2004
Posts: 6,862
Oops. I confused your post with JF regarding firewalls.

Basically, anyone who's behind a router that does NAT (Network Address Translation) is behind a firewall. And anything that has multiple machines connected to it almost certainly does that.

Only a machine that is directly exposed to the internet (in this case, the router) is exposed to attack.

The other key one is to bind the wireless router to only accept connections from specific MAC addresses and enforce some decent encryption.
Matt is offline   Reply With Quote
Old 23-01-2007, 11:03 PM   #19
Registered User
 
Silversurfer's Avatar
 
Country: UK
Location: Leigh-on-sea
Occupation: IT Director, www.lighthouseit.co.uk
Interests: Boats, Surfing & Snowboarding
Boat name: Isabella / Cool Runnings II / Bella / Sea Pup / Sea Dog / Speedy II
Boat make: Colvic 35 Suncruiser / Phantom 16 / Zodiac 420 YL / RIB / Apollo 9
Engines: 2 x Perkins Sabre 225ti / Mercury Pro XS 115/ Tohatsu 2.5 / Mercury 25 / Mercury 50
Cruising area: Thames Estuary / River Crouch / Salcombe

Join Date: Jun 2004
Location: Leigh-on-sea
Posts: 918
Buy a router with a firewall built in. I am a DrayTek reseller; you can ban exe etc from getting into your inbox on the router.

Anti Spam via Spam Assassin or ASSP - Anti Virus for free with CLAM AV or AVG Free, job's a good one!
__________________
Loving the Spitfire with a 25HP Mercury
Silversurfer is offline   Reply With Quote
Old 23-01-2007, 11:27 PM   #20
numbskull
 
Jon Fuller's Avatar
 
Country: United Kingdom
Location: South
Occupation: none
Interests: none
Boat name: Leviathan
Boat make: Phantom 28
Cruising area: South Coast

Join Date: Mar 2004
Location: South
Posts: 15,956
Na, the version that expires shortly, is the V7.1, you need to download V7.5 to continue enjoying the free AV.

you get it from this page: http://free.grisoft.com/doc/1

I downloaded the full AVG 'Anti-malware' program today, on 30 day trial, so will be paying the 30 bucks next month. Can't really see much difference to the free one so far, but assume there must be summat better about it!

Quote:
Originally Posted by Johnny Rocket View Post
Looks like they've discontinued the free version. My longstanding "free" versions are now popping up messages to say that from next month I'll have to pay.
__________________
.

"I Agree with everything you say really!" - John Cooke to Jon Fuller - 26-01-2013
Jon Fuller is offline   Reply With Quote