Virus Alert! BugBear worm installs 'key logger'!
This question was answered on October 7, 2002. Much of the information contained herein may have changed since posting.
A recently discovered mass-mailing worm labeled "[email protected]" is spreading rapidly In addition to sending itself via e-mail, it can also spread through network shares
It incorporates keystroke-logging and backdoor capabilities and attempts to disarm, disable or destroy most commercial anti-virus programs.
One of the visible symptoms of this worm is strange printer activity, including the printing of garbage or disrupted functionality.
The subject line can be a forward or reply of a real message or a variable of one of the following:
Greets!
Get 8 FREE issues - no risk!
Hi!
Your News Alert
$150 FREE Bonus!
Re:
Your Gift
New bonus in your cash account
Tools For Your Online Business
Daily Email Reminder
News
free shipping!
its easy
Warning!
SCAM alert!!!
Sponsors needed
new reading
CALL FOR INFORMATION!
25 merchants and rising
Cows
My eBay ads
empty account
Market Update Report
click on this!
fantastic
wow!
bad news
Lost & Found
New Contests
Today Only
Get a FREE gift!
Membership Confirmation
Report
Please Help...
Stats
I need help about script!!!
Interesting...
Introduction
various
Announcement
history screen
Correction of errors
Just a reminder
Payment notices
hmm..
update
Hello!
This worm is capable of altering its attack based on the operating system of the victim, which is helping it to spread quickly.
As always, don't open ANY file attachments in e-mail, especially from people you know as they are the most likely sender of the worm.
If you have not had a prior discussion about an attachment or there is not very specific information as to the contents of an attachment in the accompanying message, do not open the file.
If you are going to be sending file attachments in e-mail, be sure to be very specific about the file in the message as a courtesy to the recipient.
Most major anti-virus companies have posted updates on their web site to protect against this latest strain, so if you have not updated your anti-virus software in the last week or so, it would be a good idea to do so...
To make sure have all of the curren critical updates from Microsoft, go to:
If you become infected with BugBear, Symantec has posted a removal tool at:
<a href="http://sarc.com/avcenter/venc/data/[email protected] " target="_blank">>http://sarc.com/avcenter/venc/data/[email protected]mm.removal.tool.html
</a>
About the author
Posted by Ken Colburn of Data Doctors on October 7, 2002
Need Help with this Issue?
We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!