Home : Security : News

Security fears raised for new Bagle attack

A number of the URLs accessed by the viruses have been re-activated, warns F-Secure

By Matt Whipp, 1 Dec 2006 at 18:49

F-Secure is warning that a Bagle attack could be imminent as a number of the URLs accessed by the viruses have been re-activated.

The company says the URLs have been loaded with a new 188KB executable file, which computers currently infected by the Bagle virus will begin downloading.

The new executable causes the infected machines to start pumping out emails with a new variant of the virus. F-Secure says that the emails have attachments with filenames related to price lists.

The emails include a gif image which displays the password needed to open the attachment. Once the attached Zip file is run, it installs the file and opens a fake error code in Notepad or Registry Editor.

It also uses a rootkit to hide its presence on infected systems.

F-Secure says it has already added protection against the new variant.

Email to a friend

Print this page

< Previous Security : News Next >

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

More Security Reviews