Skip to main content
Technology
CNN Europe CNN Asia
On CNN TV Transcripts Headline News CNN International About CNN.com Preferences
 
Home Page
 
World
 
U.S.
 
Weather
 
Business at CNN/Money
 
Sports at SI.com
 
Politics
 
Law
 
Technology
 
Science & Space
 
Health
 
Entertainment
 
Travel
 
Education
 
Special Reports
SERVICES
 
Video
 
E-mail Newsletters
 
CNNtoGO
SEARCH
Web CNN.com
powered by Yahoo!

Virus targets online banking users

   Story Tools

LONDON, England (CNN) -- Computer users are being warned about a "vicious" virus that allows hackers to steal credit card numbers and online banking details.

The BugBear virus, also known as Tanat, is believed to have affected 99,000 e-mails so far, about 65,000 people, and is on course to become one of the biggest e-mail viruses ever, experts say.

The virus arrives as an e-mail and has spread to 100 countries including the UK, U.S. and Australia since Sunday.

The computer bug is particularly effective at tapping into on-line banking details and is able to bypass security firewalls.

It appears under 50 different catchlines, making detection difficult, including Market Update Report, Sponsors Needed, Your Gift, Your News Alert, Scam Alert and Membership Confirmation.

It is also able to constantly change its characteristics, such as altering the name of the sender.

Alex Shipp, senior anti-virus technologist at the UK e-mail filtering firm MessageLabs, told CNN on Friday: "It started off fairly slowly but is rapidly increasing, and looks to be spreading at the same rate as the Klez virus did in the early stages, which became the biggest virus ever."

One way of trying to spot the virus is to look at the size of the file attachment, usually about 50,688 bytes.

BugBear is thought to have originated in Malaysia on Sunday though cyber detectives in the country have denied such reports.

The virus enables hackers to scan computers and access banking details and passwords which are entered after the virus has been received.

MessageLabs, which scans about 10 million e-mails every day, estimates that one in 260 of these messages contain the virus. BugBear is on course to equal the devastation caused by the virus Klez which affected 2.5 million copies.

Mark Sunner, chief technical officer at MessageLabs, added: "Bugbear is a particularly vicious e-mail virus with a considerable payload.

"Not only does it contain a Trojan that can log key strokes but it also disable anti-virus software as well as opening up a backdoor port which may allow hackers access to a machine.

"The numbers (of those affected) are rising fast."

Bugbear can delete some anti-virus software, and also enables people to add or delete computer files.

It is able to spread by dropping copies of itself into folders on shared networks commonly used at corporations and large organisations, become attached to articles on somebody's hard disk and on messages in the native language of the user.

"It is the most cunning virus I have ever seen," Shipp told CNN.

"Each new virus introduces a couple of new features. This virus contains those and adds a couple of its own. It displays very good social engineering."

It takes advantage of a known vulnerability in Microsoft's Internet Explorer, Vincent Gullotto, vice president of the anti-virus response team at Network Associates told Reuters.

Anti-virus software on hand

MessageLabs and online banks have not reported any money having been taken from accounts, but the e-mail outsourcing provider warns hackers have been aware of the virus' accessibility and could pose a "danger."

Online banks say free anti-virus software is available which has been updated to deal with BugBear and some online financial institutions have offered customers a fraud guarantee.

Shipp recommends computer users update their anti-virus software to avoid falling victim to BugBear. Other top tips include updating any old Outlook software, and not opening any suspicious unsolicited e-mail.

"We are analysing the worm but we find no justification to the claim that it was discovered in Malaysia or may have even originated here," Raja Azrina Raja Othman, deputy director of the government's National Information, Communications Technology Security and Emergency Response Centre (NISER) told Reuters.

She added: "The person who invented the BugBear may have had that in mind (credit card abuse) but we don't see the worm exploiting that feature very much."

Other countries affected by BugBear include Poland, Finland, and India.


Story Tools
Top Stories
Burgers, lattes and CD burners
• CNN/Money: Britney Spears No. 1 name used by hackers
• CNN/Money: Atari's future in question
• CNN/Money: Report: Cingular opposes calls on planes
Top Stories
CNN/Money: Security alert issued for 40 million credit cards
• Bin Laden deputy sends message
• U.S. House votes to keep U.N. dues
• Iran poll to go to run-off
 
 
 
 
  SEARCH CNN.COM:
© 2004 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser.
CNN.com does not endorse external sites.