Virus name: Bugbear (also known as Tanatos or Bugbear.B).
Origins: Bugbear (and its June 2003 variant, Bugbear.B)
is a mass-mailing worm that, once it infects a target system, can log keystrokes, enable a backdoor trojan, and stop antivirus and firewall programs. It replicates itself by sending out e-mail to addresses harvested from infected systems using subject lines such as the following:
25 merchants and rising
Announcement
bad news
CALL FOR INFORMATION!
click on this!
Correction of errors
Cows
Daily Email Reminder
empty account
fantastic
free shipping!
Get 8 FREE issues - no risk!
Get a FREE gift!
Greets!
Hello!
Hi!
history screen
hmm..
I need help about script!!!
Interesting...
Introduction
its easy
Just a reminder
Lost & Found
Market Update Report
Membership Confirmation
My eBay ads
New bonus in your cash account
New Contests
new reading
News
Payment notices
Please Help...
Re: $150 FREE Bonus!
Report
SCAM alert!!!
Sponsors needed
Stats
Today Only
Tools For Your Online Business
update
various
Warning!
wow!
Your Gift
Your News Alert
The messages sent out by Bugbear can exploit vulnerabilities in some versions of Microsoft Internet Explorer and Microsoft Outlook that enable it to execute automatically when an infected e-mail is viewed. You can protect your PC from infection by Bugbear by downloading and installing the preventive patches offered by Microsoft for these security holes in Microsoft Security Bulletin MS01-027 and the Cumulative Patch for Internet Explorer Q323759.
If your system has already been infected by Bugbear, a removal tool can be obtained from Symantec or from F-Secure.
See the links below for more information on how to detect and remove Bugbear.
Sources:
