Like other worms, Beagle/Bagel is delivered as a file attachment to an e-mail message. Using an unsophisticated subject heading of simply 'Hi,' with message text that consists primarily of random characters, and with a randomly-named executable as the attached file, the worm uses crude techniques. But that doesn't mean it hasn't been successful.
MessageLabs, a U.K.-based security and e-mail filtering firm, has intercepted nearly 150,000 instances of the worm since it debuted on Sunday.
"What's interesting about Beagle/Bagel is that its social engineering isn't anything special," said Vinny Gullotto, vice president of Network Associates' AVERT security and threat analysis team. "And most of what we've seen in the worm has been borrowed from others." Even so, users worldwide have been duped.
Ken Dunham, the director of malicious code at iDefense, made much the same point. "There's nothing particularly enticing about the message sent out by Bagel, yet is spreads with very good success. It appears that being brief and saying little, even if the content is vague and scarce, is a highly effective method for spreading malicious code."