BBC NEWS    BBC Sport >>   Graphics version >>   Change to UK edition >>
News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia | UK | Business | Entertainment | Science/Nature | Technology | Health | Talking Point
Tuesday, 1 October, 2002, 12:54 GMT 13:54 UK

E-mail virus is bugbear for users

A computer virus that can steal passwords and credit card information is spreading on thousands of PCs worldwide.

Called Bugbear, the virus can open computers to hackers, compromise secure transactions and passwords, as well as disabling any anti-virus software and firewalls that might be in place.

According to security experts, there have been over 7,000 reports of the virus so far.

"Bugbear is a double-edge worm which spreads itself in e-mails and by copying itself around a network," said Senior Technology Consultant Graham Cluley at Sophos Anti-Virus.

Exploits vulnerability

" Bugbear is a particularly vicious e-mail virus with a considerable payload "

Mark Sunner, MessageLabs

The Bugbear worm is hard to spot, much like the Klez.H virus, which has been one of the chart-topping viruses so far this year.

It arrives in victims' in-boxes in the form of a random e-mail. The only tell-tale sign of its danger comes in the size of the attachment, which is always 50,688 bytes.

It is not even necessary for users to double-click on the attachment as it exploits a known vulnerability in Microsoft Outlook which allows it to open itself.

"Bugbear is a particularly vicious e-mail virus with a considerable payload," said Mark Sunner, Chief Technology Officer at virus filtering firm, MessageLabs

No time to patch

"Bugbear proves that new viruses can still take e-mail users and anti-virus vendors by surprise and, as ever, is testament to be fact that new viruses cannot be stopped effectively with anti-virus software," he said.

Although there are few new viruses in 2002, levels of computer crime activity have never been higher.

According to security firm mi2g, September topped all previous records for digital attacks with over 11,000 successful hack attempts.

For computer support staff, especially in large organisations, it is almost an impossible job to keep up with the hackers.

"When there are tens of thousands of machines across an organisation including servers and desktops it is difficult to manage reboot-patch-reboot regimes on a near daily basis," said mi2g Chairman DK Matai.

"Invariably some mission critical machines don't get patched in time despite the best will to do so.

"Those are perfect doorways for hackers and they are being exploited ruthlessly," he added.

Related to this story:
E-mail virus exploits September 11 (11 Sep 02 | Technology) Klez.H becomes biggest virus ever (28 May 02 | Science/Nature) Hack attacks on the rise (03 Sep 02 | Technology) Virus returns with a sting in its tail (19 Apr 02 | Science/Nature) E-mail virus crashes the party (28 Jan 02 | Science/Nature) Kournikova computer virus hits hard (13 Feb 01 | Science/Nature)

Internet links: Sophos | mi2g | MessageLabs
The BBC is not responsible for the content of external internet sites
News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia | UK | Business | Entertainment | Science/Nature | Technology | Health | Talking Point

^^ Back to top | BBC News Home | BBC Homepage | Feedback | ©