"If I compared it to Nimda, it is going at a much faster rate of infection," said Vincent Weafer, senior director of Symantec's security response team.
hard nearly two years ago, and because of its severity lent impetus to the creation of several security initiatives, including the U.S. government's and Microsoft's .
Weafer predicts that the Bugbear variant won't go into hibernation anytime soon. "The characteristics of the e-mail infectors is such that it could be out there for months and years," he said.
Bugbear.B, , infects a computer system when the user opens up an e-mail attachment containing the virus, or when a version of Microsoft's Outlook e-mail client is present on the system and hasn't been updated to patch a two-year-old flaw. The virus installs a "back door" onto a victim's system to allow an intruder access in the future; runs a program to record and store what the user types on the keyboard; and attempts to spread itself through e-mail, network-shares and, in some cases, via a modem connection.
For the most part, the virus is affecting home users, said Weafer. Symantec has seen almost four times as many reports from consumers as from companies. Normally, the split is closer to 60-40, he said.
E-mail service provider MessageLabs has stopped more than 100,000 copies of the virus at its e-mail gateways, placing the program in the No. 1 slot on the company's list of most prevalent malicious attachments. The service provider filters out unsolicited bulk e-mail, or "spam," and viral attachments on behalf of its clients.
Mark Sunner, chief technology officer for the company, said that Friday will likely be the day with the highest number of infections.
"I imagine that it will probably peak today, but the trail-off curve will be slow," Sunner added. "That's a combination of the fact that it disables the antivirus capabilities (on the infected systems) and that this has really gotten by the reactive desktop products."
Sunner also warned companies that, in spreading, the virus can sometimes grab a legitimate e-mail from the victim's in-box and send that out with itself attached. In some cases, the original e-mail could contain confidential information that could hurt the company if received by a competitor.
The SirCam virus, which started spreading almost two years ago, had, causing embarrassment to many of the companies whose employees became infected.