Internet security organisations Trend Micro and MessageLabs have discovered a variant of the Bagle email virus, called Bagle-B.
MessageLabs' technical director, David Banes, said that while over 81,189 messages had been intercepted to-date, “we're not seeing much of it here [in Australia]”.
“Numbers here are low” said Clive Wainstein, product marketing manager for Trend Micro, confirming that the worm was not a visible threat in the country.
According to Trend Micro, the memory-resident Bagle-B worm propagated by mass-mailing itself, and then left infected machines open to hackers who may steal confidential data, download, executing or even updating files.
The company said that the virus arrived in the form of an executable (EXE) attachment of random name, and the host email would contain 'ID' in both the subject and message body.
When asked about what danger the worm posed, Trend Micro's Wainstein said the company was not too worried.
“It's nothing much,” said Wainstein, “there is nothing special about it.”
“Any company with a security infrastructure blocking executables in email should not have been affected” he said.
“It's easy to contain, and easy to detect.”
Trend Micro had classified Bagle-B as a 'medium risk', and MessageLabs had degraded their rating of the worm from 'high' to 'medium'. Banes said, “Initially we felt it may spread like Mydoom, but we're seeing a fairly steady infection rate”.
But it's no secret that the worm is in the news. Wainstein agreed that many people were on-edge and are wary of worms, especially in Mydoom's wake.
Bagle-B was set to cease functioning on 25 February 2004 and affects Windows 95, 98, ME, NT, 2000 and XP operating systems.
