W32/AutoRun.BBC!worm

The W32/AutoRun.BBC!worm malware infection is a worm that also has characteristics of a computer virus. The W32/AutoRun.BBC!worm is created to spread from one computer to another. In the case of W32/AutoRun.BBC!worm, this malware infection includes a keylogger component that records all keystrokes on the infected computer's keyboard, saves them to a file, and then sends it to a third party. W32/AutoRun.BBC!worm typically spreads from one infected computer to another and, initially, from email spam messages containing malicious file attachments or embedded links. Other sources for a W32/AutoRun.BBC!worm infection include an infected external memory device and attack websites designed specifically to install W32/AutoRun.BBC!worm on visitors' computers.

Once the W32/AutoRun.BBC!worm manages to breach the infected computer's security (by using social engineering tactics to have the victim open its executable file or by running automatically from an infected external drive), the W32/AutoRun.BBC!worm will copy itself to the victim's system directory and create an OCX file named 'oracle' which remains hidden and is where W32/AutoRun.BBC!worm will store its stolen data. W32/AutoRun.BBC!worm also makes changes to the Windows Registry to ensure that W32/AutoRun.BBC!worm runs automatically when the infected computer starts up. Once W32/AutoRun.BBC!worm has done this, W32/AutoRun.BBC!worm creates a backdoor into the infected computer by making changes to the Windows Firewall. Using this backdoor, criminals can communicate with the W32/AutoRun.BBC!worm, send W32/AutoRun.BBC!worm instructions and retrieve stolen data from the infected computer. As part of its attack, the W32/AutoRun.BBC!worm also disables System Restore, Windows Error Reporting and User Access Control alerts in order to make it more difficult for the victim to detect its presence or deal with the aftermath of a W32/AutoRun.BBC!worm infection.

As the holiday season approaches, PC security researchers have observed spam email campaigns that take advantage of this fact. The W32/AutoRun.BBC!worm has been detected in spam email messages that trick computer users into believing that they have received an electronic greeting card. These malicious email messages look highly authentic and often include a flash animation that instructs the recipient to open an attached ZIP file in order to view their 'Christmas Card'. However, opening this file attachment actually installs the W32/AutoRun.BBC!worm on the victim's computer. Another spam email campaign associated with the W32/AutoRun.BBC!worm offers holiday deals on popular gift ideas and includes embedded links that supposedly lead to these special sales. Actually, these links lead to attack websites that attempt to install W32/AutoRun.BBC!worm on the victim's computer.