Careers & Certifications

08:52 PM
Connect Directly
RSS
E-Mail
50%
50%

Newest Bagle On The Loose

Another variation of the long-running Bagle worm began spreading early Friday.

Another variation of the long-running Bagle worm began spreading early Friday, bumping up warning levels from most security firms to their highest levels in over a month. Although three different versions of Bagle were launched almost simultaneously, one, dubbed Bagle.av, Bagle.at, Bagle.au, or Bagle.bb, is spreading the fastest.

"It started showing up around 2 a.m. today Eastern time," said Stefana Ribaudo, the product manager for Computer Associates eTrust security program, "and first spread in Europe. When U.S. offices opened between 8 and 9, it really took off."

Computer Associates, for instance received 100 submissions of the new Bagle within an hour, while it went straight to the top of F-Secure's list of the most common viruses during the past 24 hours. U.K.-based security vendor BlackSpider noted that more than a million e-mails carrying the new Bagle had been sent as of early Friday morning, London time. It's not uncommon for worms and viruses to be seeded in large spam-style mailings, often with the help of large networks of hijacked PCs where each machine mails just a few messages to escape detection.

Whatever it's named -- Bagles have proliferated to such a degree that there's no longer a common naming system among anti-virus vendors -- the worm is relatively easy to spot, say analysts. The subject line is typically "Re: Hello," "Re: Hi," or "Re: Thank you!" The worm is disguised as a .exe, .scr, .com, or .cpl file named "Price" or "Joke."

Like earlier Bagles, this one spreads by grabbing e-mail addresses from compromised machines and remailing itself with its own SMTP server. It also spreads via shared network folders.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Hot Topics
6
8 Gotchas Of Technology Contracting
Craig Auge, Partner, Vorys,  7/17/2014
2
Cisco DevNet Focuses On Developers
Marcia Savage, Managing Editor, Network Computing,  7/21/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
Video
Slideshows
Twitter Feed