Hacker Attacks Possible as E-mail Worm Disables Antivirus Programs and Firewalls
Posted on 01 October 2002.
Panda Software's Virus Laboratory today reported a new e-mail worm "Bugbear" that attacks files used by antivirus programs and firewalls. Once this worm has infected a computer system it stops antivirus programs and firewalls from running and leaves the computer defenseless against other viruses and potentially devastating attacks.

Panda Software, a leading international developer of computer security software, reported that W32/Bugbear reaches computers in an e-mail message which is very difficult to recognize. Bugbear randomly makes up the subject, contents and the name of the attached file. Cleverly disguising itself, it is hard for computer users to detect the worm, making computers easy targets for infection.

Additionally this is a malicious code designed to send itself out in a file attached to an e-mail message. The name of the attachment and the e-mail subject and message are variable. This opens the door to a hacker who could come in and take control of the computer and potentially cause unassailable damage.

According to Panda Software, W32/Bugbear takes advantage of a vulnerability found in MS Internet Explorer 5.01 and 5.5 SP-1 that allows files attached to an e-mail message to be automatically run.

None of Panda's Antivirus users have reported infection as Panda Antivirus subscribers are protected by daily signature file updates from Panda Software. In order to avoid infection, Panda Software recommends that computer users update their antivirus solutions immediately.

The multinational antivirus developer has already made the corresponding update for its antivirus available to computer users. This update, which detects and removes Bugbear, can be downloaded from Panda Software's Virus Encyclopedia at http://www.pandasecurity.com/default.htm.

The worm's main action consists of attacking files used by antivirus programs and firewalls. For in-depth reports on files affected by this worm go to: http://www.pandasecurity.com/default.htm.

About Panda Software's virus laboratory:

On receiving a possibly infected file, Panda Software's technical staff gets straight down to business. They analyze the file and, depending on the type, they take the appropriate action. Action taken may include; disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users.

About Panda Software:

Panda Software (http://www.pandasecurity.com) is a leading international developer of computer security software for all types of customers: corporate clients, small and medium sized companies and home users. The company has recently released two new enterprise antivirus solutions, Panda Antivirus Enterprise Suite and Panda PerimeterScan. Panda's 100% in-house, cutting-edge technology has received awards and quality certifications from the most widely respected IT security institutions. Panda Software was the first to allow truly automatic, daily signature updates, as well as centralized administration of antivirus protection, both of which have revolutionized the antivirus industry. The quality of Panda Software's products has been endorsed by the major industry watchdogs including Virus Bulletin, ICSA Labs and CheckMark.





Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //