"We have discovered a previously unknown functionality within the 32Bugbear.B worm and is strongly advising financial institutions worldwide that they may be at greater risk of exposure," antivirus software firm Symantec said in a statement.
The company said on its Web site this new discovery specifically affects employees of financial institutions.
When the worm finds names of banks in a victim's mailbox, it tries to send sensitive data such as cached passwords and keystrokes to one of 10 public e-mail addresses included in its code.
The Win32.Bugbear.B belongs a new, worrying class of email worm that not only attempts to clog networks through malicious replication, but also attempts more serious forms of criminal activity.
According to a report from the Associated Press, the U.S. government has issued a similar warning and the FBI is currently looking to what security experts believe to be the first Internet attack aimed at a specific economic sector.
The report said professionals who studied the make up of the new Bugbear worm have found a list of about 1,200 Web addresses for many of the world's largest financial institutions in its code. These include JP Morgan, American Express and Citibank.
These experts believe the BugBear software was programmed to scan mailboxes looking for signs that the victim is a bank employee. If there is a match, the worm then steals passwords and other information and sends them to the 10 e-mail addresses, making easier to compromise the bank's network in future, said the report.
No major bank has yet to report a security breach as a result of the worm, according to news reports.
Soon after it surfaced last Wednesday, security software firms have upgraded the Win32.Bugbear.B virus from a medium level threat to high due to the rapid rate of infection.
To date, Symantec said it has received 8,932 reports, with 245 of them being corporate customers.
Play video
There are currently no comments for this post.