According to an alert from e-mail security company MessageLabs, the virus spreads by e-mailing itself from an infected machine or through network shares, with such innocuous subject lines as "Interesting..." or "Hi!" It is able to repack or modify itself during each generation.
It exploits a known weakness found in Windows, namely Outlook's multipurpose internet mail extensions (MIME) that, if not already been patched, will execute the infected attachment as soon as the e-mail is opened. Where a patch is in place the user has to open the attachment for the virus to take hold.
Once opened, however, the virus is capable of inflicting damage. According to MessageLabs, Bugbear.B can disarm anti-virus or firewall software. It may also install a Trojan into the infected machine. This is a program that is installed onto a computer without the owner's knowledge and once installed will allow a hacker to infiltrate the machine and destroy data or download files.
Paul Wood, Chief Information Analyst at MessageLabs, said:
"Particularly worrying is the fact that not only can Bugbear leach confidential information from an infected machine, but it may also leave a backdoor wide open for hackers to take control of the machine and misappropriate passwords, credit card details or for some other nefarious purpose."