/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsKUALA LUMPUR: Malaysian cyber detectives tracking a new computer worm that disables security software said that there was no proof it came from Malaysia, as some reports suggest, or that it was being used for credit card fraud. Anti-virus firms warned computer users on Monday that the 'Bugbear' worm opens up a backdoor in the computers and logs keystrokes.
A Britain-based technology news website, reported earlier this week that the worm was first detected in Malaysia, and had the ability to steal password and credit card details. The infamous "Love Bug" and "Nimda" worms both originated in the neighbouring Philippines.
"We are analysing the worm but we find no justification to the claim that it was discovered in Malaysia or may have even originated here," said Raja Azrina Raja Othman, deputy director of the government's National Information, Communications Technology Security and Emergency Response Centre (NISER). She said there was also no evidence that the worm had been used by credit card fraudsters.
"There is a lot of credit card abuse already on the Net and it is not necessarily caused by worms," Raja Azrina told Reuters. "The person who invented the Bugbear may have had that in mind but we don't see the worm exploiting that feature very much," she added. Raja Azarina said initial investigations by NISER showed Bugbear was "easily spreading".
"We find it has very similar characteristics to the KLEZ," she said, referring to an earlier virus which sends e-mails with randomly named attachments and subject fields. The Bugbear worm takes advantage of a known vulnerability in Microsoft Corp's Internet Explorer, said Vincent Gullotto, vice president of the anti-virus response team at Network Associates Inc.
It shuts down anti-virus and firewall software designed to block out intruders and can spread by dropping copies of itself into folders on shared networks, which are commonly used at corporations and large organizations, he said.
The worm, which was seen in the United Kingdom, Poland, Finland, India and the United States, seems to have levelled off, Gullotto said. MessageLabs, a UK-based e-mail outsourcing provider, said that it had seen 1,200 copies of the worm and that the first copy it received was from Malaysia.
© Reuters