New Bagle worms making the rounds

Two new versions of the Bagle e-mail worm are spreading on the Internet and through peer to peer (P-to-P) file-sharing networks, according to warnings issued on Thursday by antivirus software companies.

The latest Bagle variants, Bagle.AX and Bagle.AY, are the 50th and 51st versions of the original Bagle worm, which appeared in January 2004. Like the first Bagle, sometimes spelled “Beagle,” versions AX and AY spread in executable files and infect machines running Microsoft Corp.’s Windows operating system, antivirus companies said.

Users launch the worm and infect their systems by opening an infected file in an e-mail message or a shared folder on a P-to-P network, according to an alert from Symantec Corp.

Once released, the worm modifies Windows so that the worm file is launched whenever Windows starts. It also harvests e-mail addresses from the infected computer’s hard drives, then mails copies of itself out to those addresses, faking the “from” address on e-mail messages it sends, according to an advisory from F-Secure Corp. of Helsinki.

Copies of Bagle.AX and Bagle.AY arrive in messages with subjects such as “Delivery service mail,” “Registration is accepted” and “You are made active,” F-Secure said.

The virus file is disguised in files with exe, scr, com and cpl extensions and names such as “Jol03,” “upd02,” “zupd02” and the like.

On computers that are running P-to-P file sharing software, the virus copies itself into folders that begin with the letters “shar,” which could be file-sharing folders used to swap files on the networks. The worm file is disguised as popular software or pornography, with names like “Adobe Photoshop 9 full.exe,” and “XXX hardcore images.exe.”

Antivirus companies issued updated virus definitions that enable their products to detect the new versions of Bagle and advised customers to update their software as soon as possible.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now