The Web    Google
9/1: Bugbear-I a Mass-Mailing Worm

9/1: Bugbear-I a Mass-Mailing Worm
September 1, 2004

W32/Bugbear.i@MM is a new variant of W32/Bugbear. It bears the following characteristics:

  • mass-mails itself to recipient email addresses extracted from the victim machine. It attaches itself to outgoing emails within a ZIP file.
  • opens a port for remote access
  • May also drop a separate backdoor component

    Outgoing messages are formatted as follows:

    From: Spoofed (using harvested email addresses, and strings carried in the virus).
    Subject: Various, selected from those carried in the virus.
    Attachment: GIRLS.ZIP zip archive. This contains the worm with one of the several file names.

    View them and other information at McAfee page.

  • ActivCard Enhances Authentication for Remote Access Over Web
  • 11/8: Trojan.Beagooz Collects Addresses
  • IE Vulnerability Flagged
  • Trolling For Anti-Phishing Laws
  • 2/17: Poebot-A Worm Has Backdoor Functions
  • 12/2: QLowZones-4 Trojans Attack IE
  • 7/19: Rbot-DX Spreads to Remote Shares
  • Cobalt RaQ 4 Security Flaw Detected
  • 8/5: Toraja-I Macro Virus For Office 97
  • 2/23: Stang-A Worm Spreads Via MSN IM
  • Symantec, Nortel Play Team Defense
  • Cheap Security Camera