Security fears raised for new Bagle attack
By Matt Whipp
Posted on 1 Dec 2006 at 18:10
F-Secure is warning that a Bagle attack could be imminent as a number of the URLs accessed by the viruses have been re-activated.
The company says the URLs have been loaded with a new 188KB executable file, which computers currently infected by the Bagle virus will begin downloading.
The new executable causes the infected machines to start pumping out emails with a new variant of the virus. F-Secure says that the emails have attachments with filenames related to price lists.
The emails include a gif image which displays the password needed to open the attachment. Once the attached Zip file is run, it installs the file and opens a fake error code in Notepad or Registry Editor.
It also uses a rootkit to hide its presence on infected systems.
F-Secure says it has already added protection against the new variant.
From around the web
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
- Can you send a truly anonymous email?
- Is it safe to send bank details over email?
- Sainsbury's Bank bans password storage
- MobileMe triggers credit card blocks
- How to stay safe against session hijacking
advertisement
Printed from www.pcpro.co.uk