Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Bugbear Internet worm slowing down

Bugbear Internet worm slowing down

by Nikola Strahija on October 9th, 2002 A worm dubbed Bugbear that opens back doors on computers and logs keystrokes is starting to slow down after zipping around the Internet at twice the rate of this year worst worm, Klez, a researcher said on Monday.


Bugbear surfaced a week ago, spiked on Thursday and appeared to be slowing on Monday, said Craig Schmugar, virus research engineer at Network Associates Inc. (NETA.O) McAfee Anti-Virus Emergency Response Team.

-We are still at high risk, high alert-, with Bugbear, he said, adding that its risk rating will probably be lowered to medium risk on Tuesday or Wednesday.

Bugbear takes advantage of a known vulnerability in Microsoft Corp.(MSFT.O) Internet Explorer (IE) and can be automatically run simply by reading the e-mail and not opening the attachment, Schmugar said.

The worm can spread via other e-mail programs, but it wont be automatically run in the same way, he said.

In addition to e-mail, the worm spreads via network shares, where computers share files on a common network, anti-virus firms said.

It tries to delete anti-virus software and also leaves a back door on infected systems that could allow an attacker to steal data, delete files and do other nasty things, Schmugar said.

The trojan can upload or download files, execute files and kill applications that are running. Also, it contains keylogging code that can capture keystrokes.

In addition, Bugbear tries to copy itself to other types of devices attached to shared corporate networks, like printers, according to Schmugar.

-If it is a printer then hundreds of pages of code gets printed out -, he said.

Klez is similar in that it spreads via e-mail and also uses an old flaw in IE to spread automatically. One variant of Klez overwrites files while another sends out documents from the victim hard drive.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »