CA anti-virus expert Jakub Kaminski this evening confirmed the company's anti-virus laboratories had received their first sample of the variant from an Australian user late Thursday afternoon -- but had seen nothing from their customers since.
Kaminski said, however, reporting of the variant worldwide was likely to increase tonight as European and United States residents awoke and accessed their e-mail inboxes. "Probably tomorrow, we should have more records from Australian users," he told ZDNet Australia .
He predicted that the variant -- known by MessageLabs as W32/Kimjo.A - mm -- would spread widely over the next couple of days, before increased consumer awareness, anti-virus vendors updating their offerings and users subsequently installing new patches slowed its progress.
While home users face the greater individual threat from the variant, the infection of a large corporate network would see it "truly spread like wildfire" due to its propensity to try to propagate through e-mail addresses found by searching through specific files, Kaminski said. However, most companies who are up to scratch with their virus defenses automatically block the file extension types through which the variant is delivered -- .pif, .scr and .exe.
Kaminski said the variant differs from the original Bugbear virus due to its propensity to infect selected .exe files, its "slightly" polymorphic nature [it varies from generation to generation] and the size of the e-mail attachment (72,192 bytes, UPX packed).
