- This is an even more dangerous variant of the Bugbear worm, a malicious code that caused a widespread epidemic a few months ago.
- Panda Software's tech support services have already started receiving incidents involving this new worm.

The Panda Software Virus Laboratory has detected the appearance of a new worm called Bugbear.B. This variant is even more dangerous that the original malicious code, Bugbear, which caused a widespread epidemic last September. The Panda Software tech support services have already received some incidents involving this new worm.

Bugbear.B is designed to spread rapidly via e-mail, using its own SMTP engine, and to infect a large number of system files. The e-mail message carrying the worm has a variable subject and attachment. Some of the possible characteristics are:

Subject:

Hi!
Your News Alert
$150 FREE Bonus!
Re:
Your Gift
New bonus in your cash account

Attachments:

data
song
music
video
photo

Finally, the message body appears blank.

Bugbear.B also exploits a known vulnerability in the browser Internet Explorer, which is detected by Panda Software as Exploit/iFrame. By doing this, it will be automatically run when the message carry the worm is viewed through the Outlook Preview Pane.

However, the biggest danger of this worm lies in its capacity to disable a large number of antivirus and security programs. In order to do this, it not only ends the processes belonging to these programs, but also deletes files that are essential to their correct functioning.

Bugbear.B is a polymorphic worm, which makes it difficult for antivirus programs to detect.

Due to the potential damage this virus can cause, Panda Software advises users to be extremely careful with e-mail messages received. Detailed information about Bugbear.B is available from Panda Software's Virus Encyclopedia.

The Panda Software Virus Research Laboratory is currently studying this worm, therefore more detailed information about Bugbear.B will be published over the next few hours.