Ziff Davis Internet
News & Resources for the IT Reseller
NewsReviewsTech AnalysisCommentarySecurityLinux/Unix
My Account |  
Home > News > 

New Bagle Variant Raises Alarms
By Larry Seltzer
September 29, 2004


A new variant of the Bagle worm is showing more prevalence than usual, according to anti-virus companies.

ADVERTISEMENT

The new version is known by a variety of names: McAfee Inc. calls it Bagle.az, Trend Micro Inc. has dubbed it Bagle.AM and Symantec Corp. refers to it as Beagle.AR. All three companies have elevated the threat level for this worm because of increased submissions to their monitoring services compared with the average Bagle variant.

PointerClick here to find out why security researchers are puzzled by Bagle’s success.

All the major companies offer protection against the worm. Symantec also has a removal tool.

Many e-mail programs, including Microsoft Outlook and Outlook Express will, in the default configuration, delete the infected executable attachment to the e-mail message in which the worm arrives.

According to Trend Micro’s description, the message comes from a spoofed address. The subject line is either “Re: Hi!,” “Re: Thank you!,” or “Re: Thanks :),” and the message body is always “:)).” The message comes with an attachment with a file name of “Joke” or “Price,” which has an extension of either “.com,” “.cpl,” “.exe,” or “.scr.”

eWEEK.com Special Report: E-mail Worms 2004

Once the user runs the executable, it drops a copy of itself in the user’s Windows System folder and sets Windows to load it when the computer boots up.

The worm attempts to propagate by copying itself to shared folders for LANs and peer-to-peer networks, and through a conventional e-mail distribution using a built-in SMTP engine. It attempts to terminate a large number of security-related programs, such as anti-virus software.

In keeping with Bagle tradition, it also attempts to interfere with the Netsky worm by removing several registry keys used by Netsky and creating mutexes, which are variables in the operating system that Netsky checks for.

PointerCheck out eWEEK.com’s Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer’s Weblog.

horizontal rule

Be sure to add our eWEEK.com Security news feed to your RSS newsreader or My Yahoo page

     
Email


TALKBACK
MICROSOFT RESOURCE CENTER
Free Hands-On Training Lab
Find out how key features of SBS 2003 can help you open up a new line of revenue. Register now >>


SBS 2003 Sales Reference Card
This handy reference card contains features at a glance, sales objection handling, pricing guidelines & more. Get it now >>


Microsoft Empower for ISVs rewards your big idea with big benefits and support.
Access key development tools at a low cost to help you develop that idea into an innovative application. Learn more >>




 
FREE WHITE PAPER
Changing Business for the Better: A Practical Guide to BPM


This paper provides an overview of the benefits of BPM technologies and identifies the characteristics of BPM solutions that lead to successful BPM process-centric integration projects.


Download this free white paper to learn more!

>> brought to you by IBM

Attention Microsoft Solution Providers!



Want to gain a competitive edge? Try Microsoft Watch – FREE!


Each week you receive:
  • Microsoft News and Insider Information
  • Expert Analysis
  • Code Names of Upcoming MS Products
  • Year-Ahead Calendar, updated monthly



    Click Here to sign up now for your FREE 14 Day Trial to Microsoft Watch.
    •  
    Topic Center Index
    Business Licensing Information Technology
    Companies Channels Resellers
    Software Management  

  • Add up to $1,200 of value with the new BONUS PACKS.
  • HP PartnerONE: The key to increasing your margins.
  • HP Compaq nc6129 Business Notebook. $1149 Smart Buy
  • HP xw8200 workstation. Smart Buy price $1549.
  • ProLiant DL360G4p server: HP Smart Buy price $1647
  • Microsoft files new anti-piracy lawsuits. Learn more.
  • New offers with Windows Genuine Advantage.

    		•

    NEWS

    View All >

    OPINION

    View All >
    POPULAR TOPICS
    More Topics…
    CHANNEL INSIDER BUYER’S GUIDE
    •Catalog Publishing
    •Dealer Management
    •Order Configuration
    •Price Management
    •Sales Management

    View All >

    SOLUTION BUILDER

    View All >
    CAREER CENTER
    Search the jobs you want & get the info you need – post your resume here today!

    Powered by Dice

    TECH ANALYSIS

    View All >

    CONTRACT WATCH

    View All >
    SPECIAL REPORTS
    White Boxes
    MS vs. IBM
    Linux in the Channel
    Network
    CHANNEL RSS FEED
    Stay in the Zone
    Put The Channel Insider on your desktop.
    FREE NEWSLETTERS
    Subscribe to The Channel Insider: Channel News, Reviews, Resources and more.

    Make your selections below:

    Contract Watch

    The Channel Insider Update

    Preferred e-mail format:

    Enter your e-mail:


    view all newsletters >>

    Channel Insider      Contact Us | Advertise | Site Map

    Channel Insider Quick Links

    B2B | Compliance | Competitors | Procurement Contracts | Site Licenses | Microsoft Licenses | Certification | OEM
    Custom PC | IT Sales | Distribution Channels | Service Providers | Turnkey Integration | VAR | Microsoft Resellers
    Computer Resellers | Software Distributors | Business Management | System Integrators | Technology Partners

    Ziff Davis Footer Logo

    Ziff Davis Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters | RSS Feeds
    Tech Shop | White Papers | Tech Encyclopedia | PC Downloads | ROI Calculators | Tech Jobs
    Enterprise Product Comparison Guides | Consumer Electronics Buying Guides | Tech Podcasts | Tech Video

    1UP | Baseline | The Channel Insider | CIO Insight | Cranky Geeks | DesktopLinux | DeviceForge | DevSource
    DigitalLife | DL.TV | eSeminars | eWEEK | ExtremeTech | Filefront | GameVideos | GearLog | LinuxDevices
    Linux Watch | Microsoft Watch | PC Magazine | PCMagCasts | PDF Zone | Security IT Hub | Server IQ
    Smart Company | Technoride | Web Buyer's Guide | What's New Now | Windows for Devices

    Use of this site is governed by our Terms of Use and Privacy Policy
    Copyright © 2003-2006: Ziff Davis Publishing Holdings Inc. All rights reserved. The Channel Insider is a trademark of Ziff Davis Publishing Holdings Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Media Inc. is prohibited.