resource center
  See your link here
|
IDG News Service -
Antivirus companies are warning of another virulent new version of the Bagle e-mail worm, dubbed Bagle.AG.
The new Bagle version was first detected Saturday and is very similar to earlier versions of the worm, which spread through shared file folders and in e-mail messages carrying the worm file as an attachment, according to advisories from Sophos PLC and McAfee Inc. McAfee rated the virus a "medium" threat, citing reports from several customers.
E-mail messages generated by the worm used forged (or "spoofed') sender addresses and vague subject lines such as "Re:," "fotogalary," "Lovely animals" and "Screen." Worm-infected file attachments might be in .zip, .exe, scr or other common formats and also have nonspecific names like "Moreinfo," "Details" or "Readme," antivirus companies said.
Infected file attachments use one of a short list of names including "Foto3," "Secret," "Doll" and "Cat."
The worm can also send copies of itself as a password-protected compressed file with a .zip extension. The password needed to access the .zip file is displayed in a bitmap image file that is embedded in the e-mail message's body, Sophos said.
In recent months, virus writers have used .zip archives and password-protected archives to hide their creations and fool antivirus software trained to look for particular virus signatures like a file size or name. The compressed files are used to shrink one or more larger files, often for transmission on disk or over the Internet. Recipients must decompress or "unzip" the attachments to view the worm file, which they must open to become infected.
When run, Bagle.AG harvests e-mail addresses from files stored on the infected computer's hard drive and installs its own Simple Mail Transfer Protocol engine, which is used to send out large volumes of infected e-mail messages from the machines.
Like earlier versions of Bagle, the AG variant also copies itself to Windows folders that could be used by file-sharing programs, using a long list of names to disguise the worm file on peer-to-peer file-sharing networks as popular downloads such as Adobe Systems Inc.'s Photoshop image editing program, the Matrix Revolutions film and pornography.
Antivirus companies issued virus definitions to detect the new Bagle version and recommended customers update their antivirus software.
IDG.net
Share our Strength
Download Now
Key Strategies for Managing Data Growth
What are you storage challenges?
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!
Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
