ID theft a growing concern with new virus generations

Chicago (IL) - While many users consider worms such as Netsky or Bagle just annoying, antivirus firms and federal authorities warn that malicious code can cause considerable damage. "Phishing" for critical data and ID theft are on the march to raise virus threats to a new level.

With new virus warnings published now several times a week, even serious threats to networked computers become more or less an accepted phenomenon of the Internet. Spreading faster than ever before, an infection with malicious code often is just considered as annoying and not as dangerous.

While worms appear to be primarily clogging email traffic, experts advise users to be aware of other effects of an infection. "We are worried about identity theft. Many worms carry key loggers, turn themselves on when you visit certain websites, record information and then send it out," said Joe Telafici, Director of McAfee’s AVERT division which focuses on anti virus warning and response issues.

According to Telafici, the threat level caused by malicious code is on a sharp increase. "Anti virus software today is the last line of defense. Especially when there is a broadband connection, users really need a firewall to protect themselves from infections."

Paul Brasson, spokesperson for the Cyber Division of the FBI agreed with Telafici’s concerns. "My Doom brought a whole new generation of code. We recognize more and more a financial motivation behind viruses such as stealing credit card numbers and providing captured computers to spammers." Brasson said that the FBI gets only involved in investigations, when considerable damage is caused by a virus. At this time, the FBI is investigating the origins of the worms My Doom, Sobig, and Blaster.

Despite continued education of computer users and the often repeated advice, not to open email attachments viruses are spreading faster than ever before, according to Telafici. He believes that the "sensationalism" of arriving emails a few years ago has traded spaces with pure "curiosity" : Users are attracted to open attachments emails with empty subject lines and bodies. Other reasons for rapid distribution are multiple spreading mechanisms built into new viruses, which experts call "blended threats" as well as short or no warning times before new viruses attack.

"About 70 percent of viruses appear on websites or forum boards and never make it to the wild. But 10 to 20 percent of viruses come as a total surprise. A few years ago you saw a certain ramp up in appearance. Today, viruses are out immediately on thousands of computers," said Telafici. Tools provided on the Internet allow virus authors to get their software out quickly, he added.

On Friday, McAfee has raised its threat level of the most recent Bagle virus variant W32/Bagle.u@MM,m also known as Bagle.u. The company said the virus appears to have caused most infections in France, but would be moving across the Atlantic Ocean. Arriving as EXE file attachment in an empty email, Bagle.u opens TCP port 4751 for remote connections.