bongme Posted June 5, 2003 Share Posted June 5, 2003 hi Few viruses are as easy to spot as this Thursday, 5 June, 2003 People are being warned to be wary of a new variant of a Windows virus that wrought havoc last year. Bugbear was one of the most virulent viruses of 2002 and has now returned in a new guise. The variant is packed with a variety of malicious programs that help the virus spread, steal confidential information, hide its origins and disable security software. PC owners are being advised to update their anti-virus software and be suspicious of e-mail messages they were not expecting. "Not only can Bugbear leach confidential information from an infected machine, but it may also leave a backdoor wide open for hackers to take control of the machine and misappropriate passwords, credit card details or for some other nefarious purpose," said Paul Wood, Chief Information Analyst at MessageLabs. Lethal package The new B variant of the Bugbear shares some characteristics of its ancestor as it is designed to exploit vulnerabilities in Windows PCs. Like many other viruses it exploits loopholes in the popular Outlook e-mail program to infect machines. BUGBEAR SUBJECT LINES Greets! Your Gift Your News Alert free shipping! Membership Confirmation update history screen bad news I need help about script!!! Stats The virus itself arrives as an attachment but uses a lot of different names for the payload to make it harder to spot. To lend itself credibility the virus uses document names stolen from the PC the virus came from. However, because it uses a double suffix on the attachment filename, many anti-virus programs should be able to pick it out. When it reaches a new victim, the virus searches for addresses to despatch itself to and also picks a random e-mail address for the 'from' line to cover its tracks. This also makes it difficult for someone to find out who has sent them the virus. The virus also tries to spread by copying itself to any hard drives shared with infected machines. Sometimes this results in network connected printers spewing out page after page of garbage. In an attempt to stop itself being found and deleted, Bugbear.B looks for copies of well-known anti-virus packages and tries to turn them off. Bugbear.B also tries to install a key logging program that records which keys a person presses. Finally, the virus opens up a backdoor to the net that could let its creator take control of any infected machine. In an attempt to avoid being spotted by anti-virus programs that look for particular signatures, Bugbear.B appears to have the ability to reformat itself as it travels to new hosts. Anti-virus firms say they have received a few thousand copies of the virus which has now infected machines in more than 20 countries. Bongme Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now