New e-mail worm spreading worldwide

IDG News Service - A new e-mail worm known as W32.Beagle and W32.Bagle is apparently spreading quickly, but assessments about its potential for harm varied, according to warnings issued yesterday by leading antivirus software companies.
The new worm appeared Sunday and spreads by harvesting e-mail addresses from computer hard drives, then mailing out copies of itself to those addresses, faking the "from" address on e-mail messages it sends, antivirus companies said.
The worm arrives in an e-mail file attachment with a randomly generated name and .exe extension. E-mail messages containing the worm have the subject "Hi" and a message body that reads: "Test =)" followed by some randomly generated characters and then "Test, yep," said F-Secure Corp. in Helsinki, Finland.
The worm affects computers running a number of versions of Microsoft Corp.'s Windows operating system including Windows 2000, 95, 98, ME, NT, XP and Windows Server 2003. It is programmed to stop spreading on Jan. 28, 2004, F-Secure said.
Mass mailing worms are common, and Beagle's suspicious subject line and message body should be enough to keep most users from opening the file attachment and infecting themselves. Also, many companies block e-mail messages that contain .exe file attachments, which would stop the spread of the worm, F-Secure said.
However, Beagle appears to be particularly good at harvesting e-mail addresses from its victims and then targeting those addresses with copies of itself, which may account for its spread, the company said.
Assessments of Beagle's threat varied widely yesterday. Symantec Corp. rated Beagle a Level 2 or "low" threat, meaning that the company considered Beagle "reasonably harmless and containable." F-Secure said Beagle was a Level 1 threat, its highest level alert, indicating a worldwide epidemic of a serious new virus, like Nimda.

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.