Swiss banking giant UBS is warning its e-banking customers against a new computer virus which steals password information from infected computers. The virus, similar to the Love Letter bug, specifically searches for UBS PIN software installed on a user's computer.
In a statement, UBS says its IT team set up virus filters yesterday morning to prevent the bug from replicating within the bank. The identity of the assailant is not yet known, but the bank says it will prosecute anyone found responsible for the attack.
The bank says only a small proportion of its customer base is at risk from the virus.
Like the "I LOVE YOU" virus, the new vandal is spread via the e-mail programme Microsoft Outlook. The virus comes with "Resume" in the Subject field and an attachment bearing the name "resume.txt.vbs". As soon as this attachment is opened, the virus attempts to steal scratch list numbers from the UBS PIN module. It cannot do so if the user has configured UBS PIN according to the installation instructions provided, says the bank.
Anti-virus software companies are already offering updates that can detect this new virus. UBS recommends that all clients who use UBS PIN install suitable anti-virus software and update it regularly.
Bank customers who use UBS PIN on their PC AND have opened the resume e-mail attachment are being advised to block their e-banking accunts by entering an incorrect password three times, and to then dial a special hotline number on 0848 848 062 without delay.
In a statement, the bank insisted: "Provided the usual Internet security guidelines are adhered to (i.e. never open unfamiliar or suspicious e-mail attachments and use up-to-date anti-virus software), UBS e-banking is a safe and reliable Internet banking solution."
US-based anti-virus group Aladdin says that the unknown author of this attack used an open, public place on a server belonging to the Swiss National Institute of Health, as well as a university server, to distribute it throughout Europe.
Once downloaded, the bug attempts to:
* install a keyboard logger, tracking all the user's keyboard clicks;
* find the UBS bank account PIN number of the user;
* send the collected information to the hackers; and
* send itself to all the names in the address book.
While the vandal has some characteristics similar to those of the Love Letter virus, it is not a variant, says Aladdin.