MessageLabs Alert: New Bugbear Virus Spreading Rapidly; Poses Significant Damage Threat.Business Editors/High-Tech Writers NEW YORK--(BUSINESS WIRE)--June 5, 2003 Polymorphic Virus A virus that changes its binary code each time it infects a new file. Without an identifiable pattern to match, it is extremely difficult to discover under normal methods. Also called a "stealth virus," one way to detect it is by its actions (see behavior blocking). See virus. Contains Ability to Foil Conventional Anti-Virus Techniques, Auto-Execute, Spread Via Network Shares, And Install a Key-Logging Trojan MessageLabs, the world's leading provider of managed email security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the , today announced it has intercepted a very high volume of a new mass mailing virus, W32/Bugbear.B-mm, and has issued a high-level alert for enterprises. MessageLabs first intercepted copies of the virus at 6:59 am on June 4 and as of 11:00 am EDT EDT abbr. Eastern Daylight Time EDT Eastern Daylight Time EDT n abbr (US) (= Eastern Daylight Time) → hora de verano de Nueva York EDT today has intercepted more than 35,000 copies of the virus across 106 countries while providing complete protection for MessageLabs customers (latest statistics available on the MessageLabs Web site). W32/Bugbear.B-mm differs greatly from recent virus outbreaks. It appears to be very polymorphic polymorphic - polymorphism and malicious in nature. It has the ability to repack Re`pack´ v. t. 1. To pack a second time or anew; as, to repack beef; to repack a trunk. s> or modify itself during each generation, presumably pre·sum·a·ble adj. That can be presumed or taken for granted; reasonable as a supposition: presumable causes of the disaster. in an attempt to foil simple anti-virus signature fingerprinting techniques to detect it. The virus re-mails itself to the recipient's address book using a random email, which could potentially be highly confidential, found in the recipient's address book. In copies of the virus that MessageLabs has stopped, the MS01-020 auto-open exploit has also been found, which will automatically execute the virus attachment just by reading the email on an un-patched Windows system. Initial analysis indicates that this virus also attempts to disarm local security software, such as anti-virus or firewall software. It may also be able to spread via network shares, as was the case with the earlier Bugbear.A strain. Furthermore, it installs a key-logging trojan component and enables an unscrupulous hacker to take control of the infected machine and download a file containing the user's keystrokes, including information entered on websites such as passwords or credit-card details for example. "Bugbear.B is likely to be more damaging than any virus seen so far this year," said Mark Sunner, Chief Technology Officer at MessageLabs. "Particularly worrying is the fact that not only can Bugbear leach confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead from an infected machine, but it may also leave a backdoor See trapdoor. wide open for hackers to take control of the machine and misappropriate mis·ap·pro·pri·ate tr.v. mis·ap·pro·pri·at·ed, mis·ap·pro·pri·at·ing, mis·ap·pro·pri·ates 1. a. To appropriate wrongly: misappropriating the theories of social science. passwords, credit-card details or for some other nefarious purpose." To find more detailed information on the virus and to track its activity across the globe, please visit http://www.messagelabs.com/viruseye/threats/ About MessageLabs Intelligence MessageLabs has become a highly respected source of data and analysis for email security issues, trends and statistics through its MessageLabs Intelligence division. Since gaining worldwide recognition as the first company to stop and name the "LoveBug" virus in May 2000, MessageLabs has played a crucial role in alerting the public to the dangers of every virus and email threat since, including the "Anna Kournikova," "Sircam," "Nimda," "Bugbear," "klez," "Yaha," "Fizzer" and "SoBig" virus outbreaks. MessageLabs Intelligence draws on live data feeds from MessageLabs' global network of control towers, which scan millions of emails everyday, and provide the latest and most comprehensive news and analysis available on email security threats. The company provides a full suite of information and statistics, including spam, virus and email pornography growth and trends by region and vertical industry, a comprehensive threat list and, in the event of a new outbreak, an email notification service. MessageLabs Intelligence publishes information on the MessageLabs Web site and offers a range of subscription services. About MessageLabs MessageLabs is the leading provider of managed email security services to businesses worldwide. The company's unique predictive technology, Skeptic(TM), delivered through a global infrastructure, acts as a first line of defense by scanning email and eliminating threats such as viruses, spam and other unwanted content before they reach the customer and without the need for any additional hardware or software costs. The MessageLabs service is powered by a global network of 'control towers,' currently spanning the US, UK, Germany, the Netherlands, and Hong Kong. The network is centrally managed from a Global Operations Centre and scans millions of emails a day with no discernible impact on delivery times. MessageLabs currently has more than 6000 business customers globally, including: The British Government, Air Products, The Bank of England Bank of England, central bank and note-issuing institution of Great Britain. Popularly known as the Old Lady of Threadneedle Street, its main office stands on the street of that name in London. , SC Johnson, Conde Nast Publications, Fujitsu, Lloyds TSB and Rentokil. The company's partners include: BT, Cable and Wireless, Energis, Royal KPN KPN Koninklijke PTT Nederland (Royal Dutch Telecom) KPN Konfederacja Polski Niepodleglej (Polish conservative party) NV, Telia, MCI (1) (Media Control Interface) A high-level programming interface from Microsoft and IBM for controlling multimedia devices. It provides commands and functions to open, play and close the device. (2) (Microwave Communications Inc. and CSC. For further information on MessageLabs, please visit http://www.messagelabs.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion