'Bubbleboy' virus could become lethal
Researchers have discovered what they believe to be the first e-mail-borne computer infection that doesn't require a user to open an e-mail or e-mail attachment for it to wreak havoc. Dubbed ``Bubbleboy'' after an episode of TV sitcom ''Seinfeld,'' the virus is known as a worm because it is self-propagating. Researchers at antivirus software firm Network Associates Inc. received the computer infection anonymously Monday night at about 10 p.m. local time. Story to follow. --
http://www.zdnet.com/zdnn/stories/bursts/0,7407,2390764-1,00.html
-- kevin (innxxs@yahoo.com), November 09, 1999
Answers
Does anyone know what Network Associates uses for their e-mail?
-- (cannot-say@this.time), November 09, 1999.
The techies and "entrepreneurs" have been so hot to create the latest
"cool" app, that the ramifications of their creations have not been
considered. Especially security.
Consider that if a site can send you a "cookie" (which means it can
WRITE data to a file on YOUR COMPUTER, then read that data at some
future date), there is not reason the supposed safeguards cannot be
defeated, so as to write to ANY file or delete any file, or send to
you and EXECUTE on your machine a malicious program, or read any
other file on your computer (like a personal data file containing your
credit card numbers, porn collection, e*trade password, etc.)
Consider the e-mail viruses that can read your e-mail address book ans
send a copy of the virus to all on your list.
Consider Java script and Java, which remotely interact with your
computer.
Consider that your operating system, being network enabled, allows
your machine to be remotely controlled.
As long as your computer can be remotely taken control of, AND IT CAN,
your security and privacy is at risk.
The only solution is operating systems, browsers, and e-mail programs
which DO NOT ALLOW, under any circumstances, remote control of your
machine. Nothing less will do.
Now, I can hear the screams from all the IS people that want networks.
I can hear the screams of all the internet vendors who want to mine
your files for "demographic" data. F*em.
It's only a matter of time until we are all bitten. Maybe "Bubbleboy"
is it. If BB is real, it means the end of e-mail until a whole new
operating system and browser combination is available.
-- A (A@AisA.com), November 09, 1999.
To add one point. All the anti-virus programs (Norton, Symantec,
Network Associates, etc.) are merely a band-aid, trying to stop a
HEMORHAGE. They will ALWAYS be a step behind the virus makers. The
reason being is that the present operating systems, browsers and
e-mail systems are FUNDAMENTALLY vulnerable.
Just like Y2K, patches and workarounds are no substitute for a
systematic COMPLIANCE (using YYYYMMDD) in ALL data and programs).
-- A (A@AisA.com), November 09, 1999.
A
To some extent, you are very correct.... if the e-mail system is a
windows type system. If the front end of the system is Unix or
something different, you may be able to kill the virus before it
spreads. Most of the virus are written to execute on a windows
platform, thus will not hurt the other OS's out there. It is
something to think about... having a unix front end, running a
program to identify and kill the virus, before passing it along to
the various window clients. Just my 0.02
-- (cannot-say@this.time), November 09, 1999.
So another fan of Bill Gates' writes an incredibly dangerous virus;
notice that it specifically targets Outlook and Outlook Express. The
mutations off "Bubble Boy" will be enough to bring a lot of machines
to their knees. Regarding A's comments, both JavaScript and Java can,
and have, take advantage of software shortcomings on your pc - and
right from the web. The most recent example that comes to mind is a
17 year old in NY put together a JavaScript program that was able to
read into the cache on Netscape Navigator 4.X. Doesn't sound too
dangerous? First of all, the script is interacting with files on your
machine. Second, if you have sensitive info in your cache (i.e.
credit card #s) from secure sites chances are you don't want it read.
-- Mori-Nu (silkenet@yahoo.com), November 10, 1999.
MSNBC reported: "A long-feared new breed of computer virus has
finally emerged, according to antivirus firms. The so-called
BubbleBoy virus can infect Internet users when they open, or even
simply preview, an infected e-mail. �Historically we�ve always said,
as long as you don�t open attachments, you�re safe,� Network
Associates spokesman Sal Viveros said. �That�s not true any more.�
�Bubbleboy� is a �proof of concept� virus that has no dangerous
payload, meaning it doesn�t attempt to delete or alter files. But it
does have the ability to create a �Melissa-like� mail storm as it
sends copies of itself to every e-mail address in the victim�s
address book...The problems are caused by e-mail readers that render
HTML, like Microsoft�s Outlook or Eudora Pro. Since these programs
allow Web-page-like formatting within the body of the message, they
also allow execution of code. With Outlook Express, that code can be
executed even before the message is open, thanks to the �preview
pane� included with the software."
-- BH (bh_silentvoice@hotmail.com), November 10, 1999.
PALO ALTO, Calif. (Reuters) - Researchers have discovered what they believe to be the first e-mail-borne computer infection that doesn't require a user to open an e-mail or e-mail attachment for it to wreak havoc.
Dubbed ``Bubbleboy'' after an episode of TV sitcom ''Seinfeld,'' the virus is known as a worm because it is self-propagating. Researchers at antivirus software firm Network Associates Inc (Nasdaq:NETA - news). received the computer infection anonymously Monday night at about 10 p.m. local time.
``Historically, as long as you don't open e-mail attachments you're safe from virus infection, but this changes all that,'' said Sal Viveros, a marketing manager at Network Associates. ''We've finally come to the point where if you're using e-mail, specifically (Microsoft Corp (Nasdaq:MSFT - news).'s) Outlook, you need to have some sort of virus protection or you shouldn't read e-mail.''
Although the Bubbleboy virus that researchers received last night didn't cause harm such as deleting files or stealing passwords, it won't be long before variants crop up that are indeed destructive, Viveros said.
``In this case, it's just sending itself all over the place but it could fairly easily delete files or steal passwords,'' Viveros said.
Bubbleboy appears as an e-mail with ``Bubbleboy is Back!'' in the subject line and includes pictures and sounds from the Seinfeld episode that gave it its name.
Bubbleboy follows other e-mail-borne viruses that have already swept the Internet such as the ``ExploreZip worm,'' which can erase files from a user's computer, and the Melissa virus, which gained notoriety for its ability to spread quickly but not because it destroyed any data.
Network Associates gave Bubbleboy a ``low risk'' classification for now because customers haven't yet notified it that the virus has appeared on their computers.
What makes this worm particularly nefarious is that if a user is running Outlook Express and has the preview pane enabled, the worm can infect the computer without the user even opening the e-mail.
The preview pane in Outlook Express lets users scan e-mails to see their contents without having to open them first. Other e-mail programs such as Exchange and Lotus Notes are also vulnerable, Viveros said.
``Now just by reading an e-mail you can be infected, and if you're using Outlook Express you don't even need to read it,'' Viveros said. The worm will then send itself to everyone listed in that e-mail program's address book.
Bubbleboy refers to a Seinfeld episode in which a boy who lives in a bubble because of a faulty immune system is a big fan of Jerry Seinfeld, who plays himself as a stand-up comic on the popular series. Jerry and George Castanza, a friend of Jerry's, visit the boy and play Trivial Pursuit.
But the answer on one of the cards is misspelled, and the boy in the bubble and George get into a fight. The fight ends with George accidentally popping the boy's bubble.
``But unfortunately, this virus is not very funny,'' Viveros said.
-- Sysman (y2kboard@yahoo.com), November 10, 1999.
I heard on the radio that it affects Microsucks Internet Explorer (IE)
-- but one never knows if the reportage was right and they really
meant Outlook, or IE. Just a precauutionary note.
No mention of Netscape, yet, but that doesn't mean there couldn't be a
problem.
Since Microsucks now has about 75% of the browser market since Billy
Boy bundled it with Windows, obviously IE would be the first target.
I would switch to Netscape, myself, if I wasn't already using it.
In any event, taking a hint from one of the above posts, it would be
advisable to turn off, in your browser, if you can, the HTML enabling
for e-mail.
-- A (A@AisA.com), November 10, 1999.
At work, my Netscape is v 4.61. I can turn off HTML for sending
e-mail, but can't turn it off for receiving, as far as I know. Am I
going to have to start saying that Netscape sucks as well as
Microsucks?
I won't know about my home version of Netscape until later.
Maybe this will spark a resurgance in the "old-fashioned" fax machine,
but maybe with OCR to create text from the faxes received.
Or -- anyone know anything about "Opera" browser? Does it handle
e-mail. Does it do it securely (HTML "off" option)?
-- A (A@AisA.com), November 10, 1999.
Newspaper article says "This virus affects computers with Windows 98
and some versions of Wndows 95 that also use Microsoft's [Microsucks']
Internet Explorer 5.0 and Outlook Express Web browser and e-mail
programs. It apparently does not affect Netscape's e-mail programs
...
[] and bold added.
Yes, Micro sucks.
A patch is available free at www.mcafee.com
-- A (A@AisA.com), November 10, 1999.
New article at:
http://www.zdnet.com/zdnn/stories/news/0,4586,1018067,00.html
-- A (A@AisA.com), November 10, 1999.
Moderation questions? read the FAQ