Bagle returns for another bite

By on

The Bagle worm is on a roll again with anti-virus companies around the globe upping their risk assessments. A trojan version of the worm, known as BagleDl-L is spreading quickly on the back of emails passing through zombie networks.

The biggest threat posed by the new version of Bagle is its ability to turn off existing firewalls and anti-virus protection.

"Any Trojan horse which turns off your anti-virus or firewall can open you up to further attack, even by very old viruses," said Graham Cluley, senior technology consultant at anti-virus firm Sophos.

"This trojan horse is aiming to take advantage of many people's reflex reaction when they receive an executable file via email. Rather than not touching it with a bargepole, they often can't resist double-clicking on it, even though they have no idea if it's safe or not."

Bagle's quick spread is attributed to its immediate release onto a pre-set zombie network.

"This threat was clearly spread through a deliberate spam mass-mailing. This trend of seeding an infection through spam distribution has been growing during the last year or so," said David Emm, senior technology consultant at anti-virus company Kaspersky.

Late last year SC reported a rise in the Bagle worm. Since the middle of 2004 it has remained one of the top ten most prevalent internet viruses.

www.kaspersky.com

www.sophos.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?