'BubbleBoy' rewrites virus rules
Hardware Brief

'BubbleBoy' rewrites virus rules

An anonymous virus writer has sent an ominous calling card to several antivirus labs, e-mailing them a self-replicating worm that can spread itself through a user's Microsoft Outlook or Outlook Express client.

The so-called "BubbleBoy" virus is unlike anything the anti-virus software vendors have seen before: It doesn't rely on an executable attachment file, as have predeccors such as the widespread Melissa virus. Instead, all a user has to do is open an e-mail to trigger the virus.

The e-mail launches an embedded Visual Basic Script command that attaches itself to the Outlook address book and mails the e-mail to everyone in the address list.

BubbleBoy is considered low risk by most anti-virus software vendors, because it hasn't been reported "in the wild" and because it carries no data-destroying payload. However, data security companies fear that a mutant form BubbleBoy could be released in the future, harboring a malicious payload.

The full story is posted at www.zdnn.com.