Bugbear worm top scoundrel for October

Edward Hurley, News Writer

The Bugbear worm dislodged Klez as the top piece of malicious code for October, ending Klez's seven-month stay atop the monthly virus lists of leading antivirus vendors and research firms.


    Requires Free Membership to View

Virus alert: Bugbear
Past Virus Roundups
Feedback on this story? Send your comments to News Writer Edward Hurley

Bugbear surfaced late in September and steadily traveled on networks through the first week of October. Bugbear is also called Tanat, Tanatos, WORM_NATOSTA.A and W32/Bugbear@MM.

"There was a brief period during the month when Bugbear accounted for nearly 60% of all total infection reports," said Steven Sundermeier product manager at Medina, Ohio-based Central Command, Inc.

Bugbear's author copied a lot of functionalities of Klez. For example, Bugbear takes advantage of a MIME and an IFRAME vulnerability in some versions of Microsoft Outlook, Microsoft Outlook Express and Internet Explorer. As a result, the attached worm can execute without the attachment being clicked on.

But unlike Klez, Bugbear dropped a key-logging program into infected systems. The program can harvest passwords, user names, credit card numbers and other sensitive information. The worm also opens a back door on port 36794, which can allow the worm's writer or others to steal that information.

Below are the monthly virus numbers from different antivirus vendors:

Kaspersky Labs' top 20 viruses for the month of October:
1. I-Worm.Tanatos 44.9%
2. I-Worm.Lentin 21.6%
3. I-Worm.Klez 14.0%
4. Macro.Word97.Thus 3.1%
5. I-Worm.Hybris 1.1%
6. I-Worm.Magistr 1.0%
7. Macro.Win97.Marker 1.0%
8. I-Worm.Sircam 0.7%
9. Macro.Word97.Flop 0.7%
10. Macro.Word97.Ethan 0.5%
11. Macro.Word97.TheSecond 0.5%
12. Macro.Word97.Onex 0.4%
13. Macro.Word97.Story 0.3%
14. I-Worm.Cervivec 0.3%
15. Joke.Win32.Train 0.3%
16. Backdoor.Death 0.3%
17. Macro.Word97.Dig 0.3%
18. Macro.Word97.Melissa 0.3%
19. Trojan.PSW.Gip.113 0.2%
20. Trojan.Win32.Erase2002 0.2%

Sophos' top ten viruses for the month:
1. W32/Bugbear-A 77.6%
2. W32/Klez-H 6.2%
3. W32/Opaserv-A 2.5%
4. W32/Yaha-E 1.1%
5. W32/Badtrans-B 0.8%
6. W32/Nimda-D 0.7%
W32/Opaserv-C 0.7%
W32/Opaserv-D 0.7%
W32/ElKern-C 0.6%
10. W32/Opaserv-B 0.5%
Others 8.6%

Central Command's top 12 viruses and worms for the month:
1. Worm/Klez.E (incl. G variant) 23.4%
2. Worm/BugBear 20.9%
3. W32/Yaha.E 11.5%
4. W32/Elkern.C 8.2%
5. Worm/W32.Sircam 6.0%
6. W32/Nimda 4.4%
7. W32/Magistr.B 3.8%
8. W95/CIH 3.1%
9. W95/Hybris 2.9%
10. W32/Funlove 1.4%
11. W32/Magistr.A 1.2%
12. Worm/Opasoft 0.7%
Others 12.5%

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: