Print
Discuss
Send to friend
RSS feedsBusinesses are being urged to update their antivirus protection after the author of a new Bagle variant launched two mass spamming campaigns to spread the malware.
The BagleDL-U Trojan is enclosed in an email with no header. The message reads 'new price' and contains a zipped attachment.
Once installed it allows the computer to be used as part of a botnet of slave PCs controlled via IRC. It also shuts down any antivirus and anti-spam software and blocks access to security websites.
"This is the second massive email attack phase from this hacker in two days. He is intent on infecting as many people as possible," said Carole Theriault, senior security consultant at Sophos.
"All computer users must avoid opening unsolicited email attachments, and ensure that their antivirus protection is up to date.
"Businesses should also consider blocking all executable code from entering their networks via email. Most companies have no need to receive computer programs via this route, and it dramatically reduces the risk of infection."
The first wave of spammed emails went out between 2pm and 10pm on Monday, and a new phase began again at approximately 2pm yesterday.
All major security vendors now have a signature files for the Trojan, and customers are being urged to update their software immediately.
Bagle is one of the most popular pieces of malware in computer history. It first appeared in January last year and quickly topped the virus charts.
Its prevalence is due to the high number of virus tool kits available online with which people with little or no technical knowledge can create new variants. More than 100 have been detected so far.
See also:
All Hacking
del.icio.us
Digg this
reddit!
