|
|
New Bagle.bb worm attacks and disables antivirus programs
A new version of the fast-spreading Bagle worm was discovered on Friday and was raised to a medium risk assessment almost immediately by security company McAfee. Bagle.BB, also known as W32/Bagle.bb@MM, had within hours triggered more than 100 reports to McAfee's antivirus and vulnerability emergency response team. The Bagle.BB Worm is one of three variants of the Bagle virus that have been identified to be successfully spreading across the Internet. Other security experts noted that there are specific challenges with the latest variant of Bagle. This version of the Bagle worm appears as an e-mail message with a smiley face : )) and It only affects Windows machines. It has been noted to try to block the Netsky virus on users' machines, which seems like a retaliation on Netsky. The authors of the Bagle and Netsky variants appear to be taunting each other in their worms' software code. The Bagle.BB version of the Bagle virus also tries to disable antivirus software loaded on people's computers. With an increasing temptation of financial gain, authors of computer viruses are utilising them to surreptitiously use another person's computer to send out spam or collect personal financial information from which they can hack into personal accounts, even bank accounts or Paypal accounts. Security experts have noted that the profit that can be made from these activities can be quite substantial and is becoming an increasing driving force for the rapid rise in virus and hacker attacks. The most recent version of the Bagle virusworm is another in a long list of variants of the virus, which began infecting computers in January 2004. BitDefender Labs noted that the new Bagel variant has been able to mutate itself to a certain degree, and create copies of itself in varying lengths, in order to make it more difficult to detect and filter out infected e-mails using antivirus software. Bagle.BB acts by harvesting addresses from local files and address books and then uses those addresses in the "from" field to send itself out, according to McAfee. As a result, the recipient of Bagle.BB receives an infected e-mail with a sender address which appears real as it would have come from a legitimate friend, business associate or family member. The subject header of the infected email will be be about quite a general subject, usually containing such greetings as "Hello," "Thank you!" and "Thanks :)." As with a number of viruses, it executes and spreads when the recipient opens the e-mail attachment. The executable name of the attachment has been noted to be named as "price," "Price" or "Joke," according to McAfee. Once the virus in the attachment has been released, it will copy itself onto the Windows system directory. It will also open TCP port 81, as a trojan horse means for remote access to a user's computer for further hacking attacks. More on Antivirus programs More on Firewall programs |
Home . Advertise . . About us . Links Directory . Webmasters . Searchbabe Singapore Copyright İSearchbabe inc. 2003, All Rights Reserved. Terms of Use . Privacy Policy - Links |
 
|