It is reportedly spammed using sensational news headlines as email subjects to hook unsuspecting victims. Because the subjects are actual news headlines, the messages are more difficult to identify as malicious. It reportedly uses the following email details:
Subject: (any of the following)
Message body: (any of the following)
It connects to Web sites to download possibly malicious components. As a result, the affected system also exhibits the routines of the downloaded components.
This Trojan opens TCP port 80 and acts as a proxy server. This allows a remote user to make anonymous connections to the Internet by using the affected system as a proxy server. A proxy server acts as an intermediary between a user and a server. Connections made through it hide the remote user's original location, since they can only be traced back to the system where this Trojan is installed.
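A detection sketch for the proxy behaviour described above, added here as an example and not taken from the original write-up: it parses connection listings and flags any process that listens on TCP port 80 without being an expected web server, noting whether the same process also holds outbound connections (the relay pattern). It assumes Windows `netstat -ano` output; the sample listing, the PIDs, the addresses and the function names are constructed for illustration.

```python
# Constructed sample of `netstat -ano` output (assumed Windows format).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       3412
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:80        203.0.113.7:51544      ESTABLISHED     3412
  TCP    192.168.1.20:80        198.51.100.9:40211     ESTABLISHED     3412
  TCP    192.168.1.20:49712     93.184.216.34:80       ESTABLISHED     3412
  TCP    192.168.1.20:49713     93.184.216.34:443      ESTABLISHED     2100
  TCP    [::]:80                [::]:0                 LISTENING       3412
"""

def parse_netstat(text):
    """Return one dict per TCP row; headers and UDP rows are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        _, local, foreign, state, pid = parts
        faddr, fport = foreign.rsplit(":", 1)   # rsplit keeps "[::]" intact
        rows.append({"lport": int(local.rsplit(":", 1)[1]), "faddr": faddr,
                     "fport": int(fport), "state": state, "pid": int(pid)})
    return rows

def find_proxy_like_listeners(text, port=80, expected_pids=frozenset()):
    """Flag PIDs listening on `port` that are not known web servers."""
    rows = parse_netstat(text)
    listeners = {r["pid"] for r in rows
                 if r["state"] == "LISTENING" and r["lport"] == port}
    findings = []
    for pid in sorted(listeners - set(expected_pids)):
        est = [r for r in rows if r["pid"] == pid and r["state"] == "ESTABLISHED"]
        # Remote clients connected to the local listener.
        inbound = sorted({r["faddr"] for r in est if r["lport"] == port})
        # Connections the same process opened towards other hosts.
        outbound = sum(1 for r in est if r["lport"] != port)
        findings.append({"pid": pid, "inbound_clients": inbound,
                         "outbound_connections": outbound,
                         "relay_pattern": bool(inbound) and outbound > 0})
    return findings

if __name__ == "__main__":
    for finding in find_proxy_like_listeners(SAMPLE_NETSTAT):
        print(finding)
```

Pass the PIDs of legitimately installed web servers in `expected_pids`; on a workstation that set is normally empty, so any listener on port 80 deserves a look.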
Technical details can be found at this Trend Micro page.