(CNN) --The stealthy Bugbear worm continued on a ravenous digital path this

[Guest guest]

(CNN) --The stealthy " Bugbear " worm continued on a ravenous digital path

this

 

week, prompting anti-virus firms to escalate warnings from moderate to high

and leaving thousands of computers worldwide at the mercy of hackers.

 

But initially, at least, the virus was not causing major problems for

computer users, because its purpose appeared to be to open communication

ports on infected systems and to replicate itself, not to destroy files.

 

" It appears to be designed by someone who intended to steal credit card info

 

or other data, not necessarily destroy files, " said George Stagonis, a

researcher for anti-virus company Central Command.

 

While experts hoped the bug would be contained at its source in Malaysia on

Monday, the virus rapidly made its way around the world as users in Asia,

Europe, Canada and the United States fired up their computers to check

e-mail. At least 120,000 people reported infections to British anti-virus

firm MessageLabs by Friday. Thousands more logged attacks in Ireland,

Australia, Canada and the United States.

 

The number of new cases reported daily is rivaling, and even exceeding, that

 

of the better-known Klez virus, a similar bug that hit millions of computers

 

this year.

 

Central Command received 5221 reports of new infections Thursday -- evenly

split between the United States and Europe. The company booked an average of

 

4,000 daily Klez infections when that virus was at its height, Stagonis

said.

 

" We don't think it's peaked yet because it's staying way ahead of people

updating their anti-virus software, " said George Stagonis, a researcher for

anti-virus company Central Command.

 

What makes the virus dangerous?

Bugbear, also known as Tanatos, doesn't destroy files like its viral cousins

 

" Melissa, " " Michelangelo " and " Iloveyou. " Instead, it disables popular

firewall and anti-virus protections and prepares a port that can receive

instructions from remote users.

 

That is what makes the virus so dangerous, experts say. Hackers aware of

this

 

vulnerability will search for open ports on infected computers. Once found,

attackers can access passwords, view or destroy data and get reports of

keystrokes being entered âEUR " including credit card numbers and other

sensitive

information. All of this happens without the knowledge of the hacked

computer

 

owner or business.

 

Silent spread

When the virus first appeared, anti-virus gurus were unable to mirror the

spread of the bug in their labs. Many thought Bugbear would remain a minor

threat.

 

" We still haven't managed to replicate it in our labs, but obviously it's

replicating, " said Alex Shipp, a tech with MessageLabs. " One of the theories

 

is that this requires an Internet connection in order to spread. "

 

The virus spreads quickly by disguising infected messages as " replys " or

" forwards " to an existing message. It targets known vulnerabilities in

Windows systems and has no trouble moving through banks of networked office

computers, said Vincent Weafer, of Symantec Security Response.

 

" Once it gets into a machine it will try to replicate itself from machine to

 

machine, " Weafer said.

 

Avoid infection

While the virus is difficult to spot, there are ways to avoid it.

 

The file can arrive in mails with varied subject headings, but almost always

 

it has an attachment that is 50,668 bytes, Shipp said.

 

Also, computer owners should make certain that Internet Explorer's I-FRAME

patch is installed, which prevents the bug from automatically downloading

itself from an infected message. And they should update to new versions of

Microsoft Outlook message program, which are less prone to infection.

 

The one bright spot in all of this, said Shipp, is that many people are

updating their anti-virus software and making sure firewalls are up, which

appears to be killing off the Klez virus.

 

The bad news is " this new one is just as bad, if not worse, than Klez, "

Shipp

 

said.

 

 

 

 

 

Lynn and the Min Pin Mob

And my Angel Raven who awaits