/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSEATTLE: A variant of the "Bugbear" worm, which spread around the Internet last October, opening back doors on computers and logging keystrokes, has started to infect users around the world, security experts said. Nearly a thousand users were affected by the worm, which is being called "Bugbear.B" and puts those infected at risk of losing confidential information, said Vincent Weafer, senior director of Symantec Corp.'s security response team.
The original Bugbear worm had infected tens of thousands of computers when it hit last year. Leading security companies have upgraded the Bugbear variant's status to a higher alert level within the last 24 hours. The Bugbear variant is better at using addresses in a user's e-mail program, sending itself to those addresses using the infected user's identity, said David Emm, a marketing manager for Network Associates Inc.'s Anti-Virus Emergency Response Team.
"There's potential for confidential data to be lost," Emm said. The new worm also sends mail with familiar subject lines such as "Interesting...", "Just a reminder" and "Hi!" to try and get any recipients to open e-mail containing the worm.
Several computer security firms have developed security patches for the worm that can be downloaded to prevent infections. Symantec's Weafer said users could protect themselves in advance from Bugbear.B, but that it would be difficult to reverse any damage once it had been done.
"Anyone who has updated software will be protected," Weafer said. The worm, which has the ability to change itself, targets personal computers, in contrast to January's Slammer worm, which targeted networked computers and caused damaged by overloading those servers with information and slowed down Internet traffic.
The Slammer worm, also known as "SQL Slammer", clogged Internet pipelines around the world, disrupted air traffic and shut down automatic teller machines across the United States on the day that it hit in late January.
The Bugbear variant can be particularly harmful because it also tries to disable some security programs and starts to snoop on an infected system.
Bugbear takes advantage of a known vulnerability in Microsoft Corp.'s Internet Explorer (IE) and can be run automatically simply by reading the e-mail and not opening the attachment. It can also spread via other e-mail programs, but it will not be automatically run in the same way.
© Reuters