New Bagle variant seen in the wild

Antivirus software companies late Thursday and early Friday began warning e-mail users that the persistent Bagle virus has re-emerged in a new version, Bagle.AF or Beagle.AB.

The virus comes in the form of a password-protected .zip file and has the password included in the message body as plain text or within an image. According to antivirus company F-Secure Corp. of Helsinki, Bagle.AF has quite similar functionality to Bagle.Z, which appears to indicate that the author of Bagle.AF had Bagle.Z’s source code.

The first Bagle virus, which spreads throughout the Internet via infected e-mail messages and by targeting machines running Microsoft Corp.’s Windows operating system, was discovered in January. Since then it has continually been popping up with new variants, and given a plethora of names by the various antivirus companies. In March, a variant — with three names: Bagle.U, W32/Bagle.n@MM and W32/Beagle.m@MM — struck the Internet and foiled users with a small bitmap image to escape detection by antivirus programs.

F-Secure upgraded Bagle.AF to its “Radar Level 2” alert early Friday morning after receiving several samples of it from infected users in North America and Europe, according to Mikko Hypp

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now