Giving proof to the gullibility of Internet users, a worm that at least one security analyst describes as "nothing special" stormed across the Internet over the weekend, and continued to cause enough concern among anti-virus vendors Tuesday to retain higher-than-usual alert levels. Dubbed Beagle by some, Bagel by others, the worm first appeared in the Pacific/Asia theater, hitting Australia hard and spreading to Europe before making the rounds through businesses and consumers in the United States.
Like other worms, Beagle/Bagel is delivered as a file attachment to an e-mail message. Using an unsophisticated subject heading of simply 'Hi,' with message text that consists primarily of random characters, and with a randomly-named executable as the attached file, the worm uses crude techniques. But that doesn't mean it hasn't been successful.
MessageLabs, a U.K.-based security and e-mail filtering firm, has intercepted nearly 150,000 instances of the worm since it debuted on Sunday.
"What's interesting about Beagle/Bagel is that its social engineering isn't anything special," said Vinny Gullotto, vice president of Network Associates' AVERT security and threat analysis team. "And most of what we've seen in the worm has been borrowed from others." Even so, users worldwide have been duped.
Ken Dunham, the director of malicious code at iDefense, made much the same point. "There's nothing particularly enticing about the message sent out by Bagel, yet is spreads with very good success. It appears that being brief and saying little, even if the content is vague and scarce, is a highly effective method for spreading malicious code."