Type-Tracking Internet Worm Spreading

An Internet worm that leaves infected computers vulnerable to future hacking by tracking what is typed on the keyboard, including passwords and credit card details, was spreading rapidly, computer security companies warned. The worm, called “Badtrans,” spreads through Microsoft Corp. Outlook or Outlook Express e-mail programs and automatically sends itself to unanswered e-mails, several anti-virus companies say.

The attachment, which contains the program, can be executed simply by reading or previewing it and doesn’t need to be double-clicked or opened separately, experts said. The worm contains a keystroke logger that can be used to record what people type to obtain passwords and credit card numbers, they said.

“It does no damage to files but does drop a backdoor trojan on the machine, which would allow a hacker to come back and access personal information,” said April Goostree, virus research manager at McAfee.com.

While corporate e-mail gateways are blocking the worm, many home and small office computer users who aren’t up-to-date on their anti-virus software are getting infected, she said.

The worm, a variant of one discovered in April, has hit at least 50 countries, with most of the infections in Germany, Great Britain and the United States, said Britain-based MessageLabs, which reported receiving 400 copies an hour this weekend.