BT mails virus to customers

And you thought spam was annoying...

And you thought spam was annoying...

BTopenworld has been infecting its customers with a virus from its support centre. Independent IT consultant Richard Haselgrove sent an email to BTopenworld customer support last Tuesday (20 November) following the massive network outage. He received no response until Friday (23 November), when a blank message headlined "re: service failure" arrived in his inbox. The message contained no text, but did have an attachment, entitled "you_are_fat!.mp3.scr" - which turned out to be the badtrans trojan. Badtrans sends a user's IP address to the virus writer, compromising system security. Haselgrove caught the Trojan because he had installed an update to Internet Explorer called Service Pack Two, which alerts the user if a virus tries to copy itself automatically. During a two-hour conversation with BT's customer support, he was led to believe that BTopenworld's machines weren't running the updated software. He said: "It's a bog-standard precaution against viruses, but BT weren't running it." He claimed that the 20 November 2001 update of Norton Anti-virus didn't detect the problem, but that a recent update would filter it out. Other BTopenworld customers have emailed silicon.com to confirm that they have also received the badtrans trojan from BTopenworld's customer support. Haselgrove has sent an open letter to BTopenworld lambasting them for their weak security. He wrote: "You were grossly negligent and complacent in allowing the BTopenworld support desk to run an email computer not updated to at least Outlook Express v 5.01 SP2 or v 5.5 SP2 - this would have alerted you to the potential problem far sooner. "You were lax and complacent in not referring the suspicious attachment on to a specialist anti-virus company - and continuing to refer until you had received positive feedback, either that it was a false alarm or that it was a genuine threat. "I trust that you will learn the necessary lessons from this sorry episode." BT had failed to comment at time of publication.