Channel News and Analysis - Channel Insider
Empowering the next generation Channel
 
Bull’s Eye Awards
Nominations Open for Channel Insider 2009 Bull’s Eye Awards
Nominations are now open for the Channel Insider 2009 Bull’s Eye Awards, which recognize excellence in customer service, technology prowess, business acumen, channel leadership, communications and community building, and innovation among vendors, solution providers, distributors and channel services companies.



Sponsored Links
  • SonicWALL breaks through network and email gridlock
  • Save up to 40% on calling costs with Avaya Aura™
  • HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us/go/4


    		•  

    New Bagle Variant Raises Alarms

    in Channel News and Analysis
    DATE: 2004-09-29 | By Larry Seltzer


    Article Rating:starstarstarstarstar / 0
    Article Views: 883

    Rate This Article:
    Poor Best
    Add This Article To:
    Anti-virus companies have elevated the threat level for the latest version of the persistent worm.

    A new variant of the Bagle worm is showing more prevalence than usual, according to anti-virus companies.

    The new version is known by a variety of names: McAfee Inc. calls it Bagle.az, Trend Micro Inc. has dubbed it Bagle.AM and Symantec Corp. refers to it as Beagle.AR. All three companies have elevated the threat level for this worm because of increased submissions to their monitoring services compared with the average Bagle variant.

    Click here to find out why security researchers are puzzled by Bagle's success.

    All the major companies offer protection against the worm. Symantec also has a removal tool.

    Many e-mail programs, including Microsoft Outlook and Outlook Express will, in the default configuration, delete the infected executable attachment to the e-mail message in which the worm arrives.

    Resource Library:

    According to Trend Micro's description, the message comes from a spoofed address. The subject line is either "Re: Hi!," "Re: Thank you!," or "Re: Thanks :)," and the message body is always ":))." The message comes with an attachment with a file name of "Joke" or "Price," which has an extension of either ".com," ".cpl," ".exe," or ".scr."

    Once the user runs the executable, it drops a copy of itself in the user's Windows System folder and sets Windows to load it when the computer boots up.

    The worm attempts to propagate by copying itself to shared folders for LANs and peer-to-peer networks, and through a conventional e-mail distribution using a built-in SMTP engine. It attempts to terminate a large number of security-related programs, such as anti-virus software.

    In keeping with Bagle tradition, it also attempts to interfere with the Netsky worm by removing several registry keys used by Netsky and creating mutexes, which are variables in the operating system that Netsky checks for.

    Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.

    Be sure to add our eWEEK.com Security news feed to your RSS newsreader or My Yahoo page



    Discuss New Bagle Variant Raises Alarms
     
    >>> Be the FIRST to comment on this article!
     

     
     
    >>> More Channel News and Analysis Articles          >>> More By Larry Seltzer
     



    		 

    Related Content

    Articles Labs/How-To Multimedia


    [ci] feeds
    XML
    Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

    HTML PLAIN TEXT

    Keep on top of news for VARs and Resellers with CI's Weekly Newsletter and Alerts.

     

    CHANNEL RESOURCE CENTER
     
     
    How to Unleash Application Performance with Solid-State Drives and Sun Servers
    Unleash the Beast! Learn from Sun and Intel experts how Sun servers equipped with Flash-enabled solid-state drives offer dramatic improvements to HPC, Web 2.0, and data center application performance Watch this video to learn more
    Watch Video
     
    Build A More Efficient Data Center
    Demands are growing but budgets are not. Solve your pressing IT issues using the resources you already have. Determine which technologies can help you drive efficiencies and how they are applied. Gain a quick ROI on new initiatives
    Find out how
    Easily Monitor Virtual, Physical, and Cloud based assets, applications and services from a unified Dashboard with up.time. Deep Monitoring across platforms and best-of-breed reporting. Over 700 enterprise customers in 32 countries.
    Read Article