A new email-aware worm, Bibrog-B, poses as a computer game in an attempt to dupe users.
The worm, which is spreading (modestly) by email and through file sharing networks, is more subtle and devious than most Windows worms. Its payload contains not just malicious code but a shooting game too.
When users infect themselves via a virus they might notice something is wrong with their PC. The game component of Bibrog-B masks its true purposes.
While the shooting game is running, the worm is copying itself across the user's hard drive and preparing to forward itself to all contacts in the Outlook address book, or via file-sharing networks.
In a particularly devious twist the worm makes changes to an infected user's Internet browser so that it can display fake versions of genuine Web sites such as Hotmail, Citibank, MSN and Yahoo. Security firms believe this is an attempt to steal usernames and passwords.
"Many people assume a virus that destroys data is as bad as it gets. However, a virus which can swipe confidential details such as account information is a much greater potential danger," said Graham Cluley, senior technology consultant for Sophos Anti-Virus.
More details of the Bibrog worm are available here.
The payload of the worm comes in the form of an executable attachment. Blocking such attachments in email, which have little or no legitimate use, is probably the simplest and most effective way to guard against Bibrog and other similar viruses. ®