A new computer virus that offers hackers full control of infected PCs, giving them access to critical information such as passwords and credit-card numbers, was spreading on the internet on Thursday.
The virus, dubbed ”BugBear.B” by virus experts, follows two other quickly spreading e-mail viruses seen in recent weeks — ”Sobig.B” and ”Sobig.C” — but far exceeds them in its ability to do harm and in the aggressiveness of its spread.
E-mail filtering services company MessageLabs Inc. had blocked 37 400 copies of BugBear.B from 125 countries by midday on Thursday, after barely registering a blip on Wednesday, when the first copies were seen.
Network Associates Incorporated. said it had received 100 infection reports from corporate and consumer customers as of Thursday morning. Its rival, Symantec Corporation, said it received 180 infection reports from consumers and 51 from corporate customers.
All it takes is one e-mailed copy of the virus entering a corporate network for havoc to ensue. Once inside, BugBear.B will spread throughout a network.
Infected e-mails can carry various ”from” addresses, which don’t necessarily belong to the real sender. The subject lines and message texts also vary widely and in some cases are stolen from documents and files found on the victim’s PC. The virus-laden attachment is compressed with a modified UPX format and shows up
with multiple names.
BugBear.B, which is a variant of the ”BugBear” virus that struck in late September 2002, installs a hidden file that can allow hackers to access infected machines, where they could delete files or run programs of their choosing.
Because the virus installs a keylogger program that collects a user’s keystrokes, including passwords and credit-card numbers entered into Web sites, hackers could use their access to the PC to acquire such sensitive personal information. – Sapa-AP