|Millions of computers worldwide have been infected by a fast-replicating virus that steals credit card numbers, passwords and online banking details, and security experts said the threat is still accelerating.|
'We have upgraded this threat from a 'category 3' to a 'category 4', our second highest threat level,' said Lindy Yarnold, a computer security expert with Symantec.
'At category 4, that would mean millions of users affected,' she said.
Yarnold said that by yesterday, Symantec was receiving more reports of computers infected by Bugbear than by another powerful virus Klez, which has been plaguing computer users since February.
'The rate of increase in submissions is going up faster than usual,' she said, adding that Bugbear is likely to remain a threat for months.
Bugbear is what security experts call a 'blended threat', carrying out multiple attacks once inside a computer.
It records users' keystrokes to capture passwords or credit card numbers, attaches itself to e-mails and copies itself onto computers.
Security experts warn that Bugbear arrives disguised as attachments to e-mails entitled: Bad News, Market Update, Your Gift, or Membership Confirmation, or possibly labeled with the names of friends or colleagues.
The virus then exploits the user's address book to replicate itself in new emails. Bugbear is so active that some computer users have received emails from themselves containing the virus.
Symantec said the virus infects only computers operating on the Microsoft Windows operating system and uses the Microsoft Outlook e-mail program. Microsoft has admitted flaws in its security.
One sign of the virus is that the size of the attachment is always 50,688 bytes, Symantec added.
The virus is also capable of disabling anti-virus and firewall programs designed to protect computers from attack and can install a 'trojan' that will allow hackers remote access to compromised machines, Yarnold said.