The authors of the Storm worm (also know asTrojan.Peacomm) have shown an uncanny knack of changing or shedding keycomponents of the threat in order to enhance its persistence andspread. This week saw the latest incarnation of the threat, Trojan.Peacomm.D,reveal itself as halloween.exe or sony.exe. What is most interestingabout this latest variant of the Storm worm is that its authors haveremoved some key functionality that was present in the previousvariant, Trojan.Peacomm.C. Specifically, the threat no longer; 1. infects other legitimate drivers on the system. Previous variantsinfected drivers such as Tcpip.sys and Kbdclass.sys. This was astealth-like feature used by the threat to start early with theoperating system and without...
