Bagle variants spreading fast

Three more Bagle variants on the loose

Latest mutations disable antivirus and security tools

Steve Ranger, vnunet.com 01 Mar 2005

Three newly discovered variants of the Bagle virus are running wild on the internet, security experts warned today.

IT security company F-Secure said that Bagle BB, BD and BE are spreading fast. The firm's senior security consultant Patrik Runald added that there is a "strong possibility" that the same person is behind all three.

Bagle BB was spammed out in email overnight to as many as 100,000 people. F-Secure has issued a 'level two' alert about Bagle BB, which is a Trojan downloader.

This variant does not send emails from infected machines, but drops files like 'winshost.exe' and 'wiwshost.exe' and attempts to disable a range of antivirus and security tools.

"Any Trojan which turns off your antivirus or firewall can open you up to further attack, even by very old viruses," said Graham Cluley, senior technology consultant at Sophos.

"My advice is keep your antivirus automatically updated and always be suspicious of unsolicited email attachments."

Bagle BB also overwrites the hosts file with entries that prevent access to a number of antivirus websites, and tries to download an executable named 'zo2.jpg' from dozens of different download sites.

"As usual, most of these download sites do not contain such a file now, but at a later date they will contain different spam proxies or backdoors," warned F-Secure.

The Bagle BD variant works in a similar way, while the BE variant spreads in a more traditional way by email, said Runald.

But rather than harvesting email addresses from the infected machine to spread further, this variant accesses a web server on the internet. Bagle BD also tries to install a backdoor into infected machines.
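The hosts-file tampering described for Bagle BB can be checked for on a machine by auditing the file for security-vendor names pinned to an address that goes nowhere. The following is an added example, not code from the article or from F-Secure; the watchlist domains and sample file are constructed, and it assumes the blocking entries point at loopback or the unspecified address.

```python
import ipaddress

# Constructed watchlist: replace with the vendor/update domains your tools rely on.
WATCHED_SUFFIXES = ("av-vendor.example", "updates.security-tool.example")

# Constructed sample hosts file contents, not taken from a real infection.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.av-vendor.example download.AV-Vendor.example.  # two names
0.0.0.0         updates.security-tool.example
192.0.2.10      intranet.corp.example
not-an-ip       www.av-vendor.example
"""

def is_sinkhole(addr_text):
    """True if the address is loopback or unspecified (IPv4 or IPv6)."""
    try:
        addr = ipaddress.ip_address(addr_text)
    except ValueError:
        return False  # malformed address field; skip the line
    return addr.is_loopback or addr.is_unspecified

def is_watched(hostname):
    """Case-insensitive match on a watched domain or any of its subdomains."""
    name = hostname.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)

def audit_hosts(text):
    """Return (line_number, address, hostname) for each watched name pinned to a sinkhole."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2 or not is_sinkhole(fields[0]):
            continue
        for host in fields[1:]:  # one line may map several names
            if is_watched(host):
                findings.append((lineno, fields[0], host.lower().rstrip(".")))
    return findings

if __name__ == "__main__":
    for lineno, addr, host in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {host} -> {addr}")
```

Any finding means update and vendor sites are unreachable by name from that machine, so antivirus signatures there should be treated as stale until the hosts file is restored.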
