BubbleBoy Virus: Changing the View of E-mail Viruses

Our web site and other sites have preached in the past that one should never opening strange e-mail attachments since any attachments could result in the infection of your system. The introduction of the Bubble Boy virus may change all that in the future.

The Bubble Boy virus is a worm which is a program that makes copies of itself elsewhere in a computing system. These copies may be created on the same computer, or may be sent over networks to other computers.

The name of Bubble Boy refers to TV’s Seinfeld show since the payload of the virus makes references to Vandelay Industries and characters of the Seinfeld show.

This virus proves that you no longer have to open an attachment to infect your system with a virus, because merely opening the e-mail message carrying the BubbleBoy virus can infect your computer system. In this case there is no dangerous payload. A payload is intended objective of the virus. However, undoubtedly copycat viruses will create the same type of viruses that do deliver dangerous payloads.

The Bubble Boy virus will send itself to every contact in every Outlook or Outlook Express e-mail address book. You will not know that your system has been infected since there are no effects to a user’s system other than the change of the system’s registered owner and organization to "BubbleBoy" and "Vandelay Industries" respectively.  The actual e-mail message will come to a user’s system with the “from” line referring to the person who unintentionally sent it and the subject line reading, "BubbleBoy is back!" The body of the message will contain a black screen and the text, "The BubbleBoy incident, pictures and sounds," along with an invalid URL ending in "bblboy.htm."

This virus currently only infects Internet Explorer 5 (IE 5) with Windows Scripting Host installed, which is standard in Windows 98 and Windows 2000 installations. It does not apparently run on Windows NT, at this time.