Security Center
eSafe Gateway
eSafe Web
eSafe Mail
SecureSurfing for
   Service Providers
eSafe Mobile
   Security Gateway



New "BugBear" Trojan Can Disable Firewalls and Give Hackers Full Remote Control

CHICAGO, October 1, 2002 - Aladdin Knowledge Systems (NASDAQ: ALDN) today announced its eSafe content security solution with XploitStopper™ is proactively protecting networks against the latest Win32 Trojan, Win32.BugBear without a virus signature update. A quickly spreading, medium-level vandal BugBear can stop the processes of various anti-virus and personal firewalls and give hackers full remote control of infected PCs.

Also known as NATOSTA.A, W32/Bugbear-A, Tanatos, W32/Bugbear@MM, or WORM_BUGBEAR.A, Win32.BugBear arrives as an executable file with a double extension ending in either .EXE or .SCR. Upon arrival it will usually self-execute on unhatched systems vulnerable to the MIME vulnerability.

The email masks itself behind a variety of innocuous subject headers like "$150 Free Bonus" or "Bad news," from a spoofed sender address. Upon execution it will save a copy of itself under a random name in the Windows System directory and will run on every restart or login by inserting itself in the Startup folder. It can also install a keyboard logging program that can collect credit card numbers, passwords, usernames and other sensitive information. BugBear then opens a back door on port 36794 which permits hackers or others to access the log and steal the information it has collected.

Aladdin's Content Security Response Team already reports several infection attempts have been blocked proactively without the need for any update. Because it can create files, send email, permit remote control, enable information theft and stop firewall and anti-virus processes, it could wreak havoc and cause significant commercial and economic damage.

"eSafe's proactive technology continues to prove its value," says Shimon Gruper, Aladdin's executive vice president, Internet Technology. "With a threat like BugBear, out in the wild, traditional anti-virus technologies that rely on scanning and updates won't have what it takes to automatically stop malicious code. Our motto that 'Signature updates are too late' is proven with this latest virus threat."

eSafe's content inspection features stop threats and increase employee productivity while reducing the load on corporate bandwidth. Picked as PC Magazine's Editors' Choice in June, 2001 and again in July, 2002, Aladdin's eSafe Mail and eSafe Gateway products deliver comprehensive set of unique technologies including:
  • XploitStopper™ - prevents exploitation of MS-Exchange and Outlook security holes by hackers, viruses and malicious code
  • GhostMachine™ - catches polymorphic viruses that use mutation and stealth techniques
  • MacroTerminator™ - stops known and unknown Microsoft Office macro viruses
  • SmartScript™ filtering - blocks known and unknown malicious VB and Java scripts embedded in HTML formatted emails
For more information on eSafe please visit

Aladdin Knowledge Systems
Aladdin (Nasdaq: ALDN) is a leader in digital security, providing solutions for software commerce and Internet security since 1985. Aladdin serves over 30,000 customers worldwide. Aladdin's products include: the USB-based eToken device for user authentication and e-commerce security; the eSafe line of content security solutions that protect PCs and networks against malicious, inappropriate and nonproductive Internet-borne content; HASP and Hardlock, hardware-based software security systems that protect the revenues of developers; and Privilege, a software licensing and distribution platform.
Please visit the Aladdin Web site at


All trademarks and registered trademarks are the property of their respective holders.

Press Contact:

Matthew Zintel
Zintel Public Relations
Investor Relations Contact:

Mark Jones
Global Consulting Group


Gateway Content

Implementing SCM
Why eSafe

Virus Protection Proactive Virus

Spyware Protection Spyware Protection
Spyware neutralizer Spyware Neutralizer
Spam Blocker
Application Filtering
Web Filtering
Performance &

Web Browsing Security
Mail Security
SecureSurfing™ for xSP
High-Capacity Solutions
Encrypted Traffic

Security Center (CSRT)
ROI Calculator
Application Level Threats
Brochures/White papers
Partner Solutions
Aladdin in the News
Case Studies
Analysts" Quotes
eConsole Management

Find a Reseller
Request Information
Request Evaluation
Contact Us
Support & Downloads
eNewsletter Sign-up

Privacy Statement      Terms & Conditions      © Aladdin Knowledge Systems Ltd. 1985- . All Rights Reserved.