05 Jun 2003
Bugbear reloaded: New variant of virus spreading widely, warns Sophos
Sophos has issued a warning to its customers about a new
email-aware virus which has spread widely across the internet.
The Bugbear-B virus (also known as W32/Bugbear-B) spreads
by sending itself in emails, and by copying itself across networks.
It is based upon the original Bugbear worm (W32/Bugbear-A) which was
the second most
commonly reported virus in 2002. However the new version has a
new trick up its sleeve - it is polymorphic, meaning it changes its
appearance in an attempt to avoid detection.
Sophos believes there is a chance the virus will become even
more widespread as computer users in North America wake up and
begin to access their email.
"Viruses which spread via email often follow the sun," said
Graham Cluley, senior technology consultant for Sophos Anti-Virus.
"As the day begins in countries around the world users will open
their email and may open dangerous attachments. It is essential
that updated anti-virus and other measures are in place to ensure
business continuity."
Sophos has updated its anti-virus products to protect businesses
against Bugbear-B, but also offers the following tips to computer
users:
- Update anti-virus protection in order to detect and prevent
Bugbear-B. Consider introducing procedures for rapid updates to
prevent infection from these fast spreading worms and viruses.
Sophos Enterprise
Manager is one way to help automate protection updates inside
your company.
- Businesses should block all Windows programs at the email
gateway. It is rarely necessary to allow users to receive programs
via email. Sophos
MailMonitor for SMTP contains threat reduction technology which
can help you block dangerous filetypes and executable code at the
email gateway.
- Ensure computers using Outlook, Explorer or Outlook Express are
running the latest updated versions. Bugbear-B exploits
vulnerabilities in some versions of Microsoft's software, but
patches have been available for two years.
- Follow safe computing practises: technologies such as mail
filtering, firewalls and anti-virus are not "fit-and-forget"
solutions. Users still need to act responsibly, especially when
dealing with unexpected emails containing attachments.
Bugbear-B quick links:
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.