Security fears raised for new Bagle attack
By Matt Whipp
Posted on 1 Dec 2006 at 18:10
F-Secure is warning that a Bagle attack could be imminent as a number of the URLs accessed by the viruses have been re-activated.
The company says the URLs have been loaded with a new 188KB executable file, which computers currently infected by the Bagle virus will begin downloading.
The new executable causes the infected machines to start pumping out emails with a new variant of the virus. F-Secure says that the emails have attachments with filenames related to price lists.
The emails include a gif image which displays the password needed to open the attachment. Once the attached Zip file is run, it installs the file and opens a fake error code in Notepad or Registry Editor.
It also uses a rootkit to hide its presence on infected systems.
F-Secure says it has already added protection against the new variant.
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
