Feeds

Fresh strain of LoveBug virus is out

FBI investigates, Swiss bank downplays attack

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Updated A new strain of the LoveBug virus is apparently worming its way into Switzerland and Russia, targeting bank account details and passwords.

At present the virus only affects United Bank of Switzerland (UBS) customers.

The virus masquerades as a resume file called RESUME.TXT.VBS attached to an email. It purports to be from a Swiss Internet company looking for a Net programmer. If the attached file is opened, the virus runs the Notepad word processor and displays the following text:

Knowledge Engineer, Zurich

Intelligente Agenten im Internet sammeln Informationen, erkluren Sachverhalte im Customer Service, navigieren im Web, beantworten Email Anfragen oder verkaufen Produkte.

Once active in the system, the virus downloads a password-stealing program called Hooker from the Net which then copies online banking information from the infected computer. Passwords are being sent to three email addresses ct102356@excite.com, acch01@netscape.net and deroha@mailcity.com.

Russia-based virus specialist Kapersky Labs has issued warnings about the virus, and has intimated that the password-stealer was placed on computers at Michigan State University and the National Institute of Health.

Update

The FBI has confirmed that it is investigating the new
variant of the Love bug, following two reported US
infections.

Security experts in the US are warning that the
modified Love bug virus could be used as a road map
for other virus writers, leading to a new epidemic of
viruses designed to steal information from your PC.

And the real threat is not from large scale viruses sent out by people into the wild, but with carefully targeted and specifically designed programs aimed at small groups or individuals.

Swiss bank UBS said that the virus has caused no damage. The bank says only a small proportion of its users are susceptible to the attack and that noone has reported any problems so far. ®

Related Link

More information about the original LoveBug VBScript worm can be found on the Network Associates Site, here.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
In the next four weeks, 100 people will decide the future of the web
While America tucks into Thanksgiving turkey, the world will be taking over the net
Microsoft EU warns: If you have ties to the US, Feds can get your data
European corps can't afford to get complacent while American Big Biz battles Uncle Sam
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.