British Telecom has admitted infecting the computers of dozens of its internet customers with a virulent new computer virus which can tap passwords for websites such as online banks.
A spokesman for BT Openworld said it had sent e-mails from its support department to a number of customers at the end of last week which contained a virus called Badtrans. This has become the most pervasive computer infection on the internet within a matter of days.
Millions of home and business PCs in up to 40 countries around the world are believed to have been infected with the virus, which was first spotted at the end of last week in the UK.
Its origin remains unclear. The virus did not originate with BT, but does infect Windows PCs using the Outlook Express e-mail client – which BT uses in its support department. A spokesman for the company said the number of customers affected was in "double digits".
The embarrassment for BT was heightened because it made exactly the same mistake in September, when it sent copies of an earlier version of Badtrans to many subscribers. BT said it had reviewed its security procedures since then and "taken action".
The virus sends copies of itself to the senders of any unread e-mails in the infected computer's system. It also implants a hidden "key-logging" program that records every keystroke on the user's machine – potentially allowing it to record passwords for sensitive information such as online banking websites.
Although anti-virus companies have identified the e-mail accounts which would receive the password details, they are web-based accounts which make it impossible to identify the virus writer.
BT has apologised to the people who were affected. A spokesman said: "As soon as we realised what had happened, we closed our e-mail system and ran virus-checking software."Reuse content