Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation. Bugbear exploits a weakness in an older version of Microsoft's Outlook and Outlook Express programs that enables the virus to propagate itself through the e-mail addresses found on the computer hard drive. A computer infected with the virus opens a backdoor on port 36794/tcp that exposes the computer and its files to control by a remote user. By accessing a log of keystrokes, a remote user can learn various system passwords. Bugbear also can infiltrate the shares in a networked computer environment, including drive shares and printers (causing them to print out unreadable code).
Bugbear arrives as an attachment in an e-mail that may appear to look legitimate and takes advantage of a vulnerability that automatically executes the attachment when the message is opened or simply viewed in the preview pane. Computer users can guard against Bugbear by installing Microsoft patches to the vulnerable versions of Outlook or by downloading the latest antivirus software updates.
Bugbear is also known as Tanat, Tanatos, WORM_NATOSTA.A, and W32/[email protected]