1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

'Badtrans' worm picks up speed INFO

Discussion in 'Virus & Other Malware Removal' started by brianF, Nov 26, 2001.

Thread Status:
Not open for further replies.
  1. brianF

    brianF Thread Starter

    Dec 2, 1999
    'Badtrans' worm picks up speed
    November 26, 2001 Posted: 6:03 p.m. EST (2303 GMT)
    By Daniel Sieberg
    CNN Sci-Tech

    (CNN) -- An Internet worm that leaves a backdoor for hackers and allows them to record keystrokes spread rapidly Monday, officials of several antivirus companies said.

    The worm, called "Badtrans.b," is a variant of an earlier identified worm and sends itself out through versions of Microsoft's Outlook and Outlook Express e-mail programs.

    It was reported to have infected thousands of computers in the United States and Europe by late afternoon on Monday and was continuing to propagate. To date, security firm MessageLabs said it has captured more than 13,000 copies of the worm.

    "The fact that this worm can log private details through key strokes has huge implications for personal and corporate confidentiality and underlines the recent advances in virus writing techniques," said Andy Faris, president of MessageLabs Americas.

    Faris said home users are the most susceptible to Badtrans since most corporations can stop it at the Internet gateway.

    What troubles security experts most is that if users are viewing e-mail in the preview pane of Outlook, the worm can be spawned without even clicking on an attachment. Double-clicking on the attachment will also launch it.

    "It's certainly not on the scale of 'Love Letter' or even 'Sircam.' But the way it exploded over the last two days, it's certainly in the Top 5 Internet worms for this year," said April Goostree, virus research manager at antivirus firm McAfee.

    Once Badtrans is launched, it begins distributing files on the infected user's machine and installs the backdoor program, giving a potential hacker remote access. The damaging payload also drops a "keylogger" program that records everything a person types -- a means to steal credit card information and passwords.

    Goostree said the keystroke data was being sent to a Web site that has subsequently been shut down. She said it was unclear how many people may have had access to it, and she was also not aware of any reports of people's information being stolen to date.
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/59742

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice