Financial institutions worldwide have gone on red alert following the discovery of a malicious Internet virus designed to sniff out passwords at some 1200 named banks.
The BugBear.B infection, a variant on the original BugBear virus from last September, first appeared Thursday, 5 June. By Friday it had spread to tens of thousands of consumer computers across the Internet.
The worm includes key-logging software that enables a hacker to take control of infected machines and download a file containing the user's keystrokes, including information entered on banking Websites such as passwords or credit-card details.
The US Federal Bureau of Investigation is urgently trying to trace the source of the virus, which is programmed to search infected computers for domain names from major banks worldwide. The FBI believes the virus may represent the first Internet attack aimed primarily at a single economic sector.
The Financial Services Information Sharing and Analysis Center, the US bank cybersecurity group, issued a high priority alert to the nation's banks after virus experts discovered the banking domains hidden in the BugeBear.B code. In a report to the Treasury Department and banking regulators yesterday, the FSISAC said that it was unaware of any losses to banks as a result of the infection.