Re: Odd mail, WATCH OUT



In a message dated 6/6/03 9:45:35 AM Eastern Daylight Time, 
alex.wolfson@xxxxxxxx writes:


> FYI
> 
> The virus checker here at work identified it as the bugbear virus, whatever 
> that is.
> 

This is serious stuff - 

NEW YORK (June 5) - A new computer virus that offers hackers full control of 
infected PCs, giving them access to critical information such as passwords and 
credit-card numbers, was spreading on the Internet Thursday.

The virus, dubbed ``BugBear.B'' by virus experts, follows two other quickly 
spreading e-mail viruses seen in recent weeks - ``Sobig.B'' and ``Sobig.C'' - 
but far exceeds them in its ability to do harm and in the aggressiveness of its 
spread.

E-mail filtering services company MessageLabs Inc. had blocked 37,400 copies 
of BugBear.B from 125 countries by midday Thursday, after barely registering a 
blip on Wednesday, when the first copies were seen.

Network Associates Inc. said it had received 100 infection reports from 
corporate and consumer customers as of Thursday morning. Its rival, Symantec Corp., 
said it received 180 infection reports from consumers and 51 from corporate 
customers.

All it takes is one e-mailed copy of the virus entering a corporate network 
for havoc to ensue. Once inside, BugBear.B will spread throughout a network.

Infected e-mails can carry various ``from'' addresses, which don't 
necessarily belong to the real sender. The subject lines and message texts also vary 
widely and in some cases are stolen from documents and files found on the 
victim's PC. The virus-laden attachment is compressed with a modified UPX format and 
shows up with multiple names.

BugBear.B, which is a variant of the ``BugBear'' virus that struck in late 
September 2002, installs a hidden file that can allow hackers to access infected 
machines, where they could delete files or run programs of their choosing.

Because the virus installs a keylogger program that collects a user's 
keystrokes, including passwords and credit-card numbers entered into Web sites, 
hackers could use their access to the PC to acquire such sensitive personal 
information.    






This archive was generated by a fusion of Pipermail 0.09 (Mailman edition) and MHonArc 2.6.8.