Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Bagle Bullies Users Into Infections

A new variant of the long-running Bagle worm appeared Wednesday, and tried to bully people into installing the payload by threatening to report them to the police.

Dubbed Bagle.dw by Symantec, the worm arrives as an executable file attached to messages with subject heads that range from "You are a criminal and will be busted!" to "You steal from innocent people."

Recipients who bite on the bait and launch the file will have their PC infected with a backdoor component and their security settings lowered. The worm also tries to download unspecified files from a large number of Web sites, then remotely run those files.

One of the three message permutations reads like a ransom note from a 20-something:

"Dude, I found your email from whois info of a web page that was used in spam and illigal [sic] activity, please do something or you will be sued and busted.
Was very dumb to leave your email, a**hole! P.S Attached file is self-exatracting [sic] archive with information about your criminal activity."

  • 1