| Home | About Us | Products | Support | Downloads | Resellers | Links |
|
|
|
||||||||
|
|
|||||||||
|
|||||||||
|
Latest Threats
New mass mailing Worm Bagle
Inter Engineering, F-Secure and Mimesweeper alert computer users about a new mass mailing worm going by the name Bagle.
Bagle was first detected on the 18th of January, 2004. The worm sends messages with the subject 'Hi' and random EXE attachment names. It has been programmed to stop spreading on the 28th of January.
Bagle spreads by emailing itself to all email addresses it can find on infected computers.
The emails Bagle sends have the following characteristics:
Subject: Hi Body: Test =) <random characters> -- Test, yep. Attachment: <random characters>.exe
The icon of the attached executable is equal to the windows calculator icon. Users have to double click on the executable file in order to become infected.
The Bagle contains a backdoor listening on port 6777 enabling hackers to take control over infected machines. Thus the creator of the worm can exploit infected machines for the execution of tasks like delivering Spam messages.
Josmaarten Swinkels of Inter Engineering comments: “To be honest we were expecting something like this. For months already there hasn’t been a serious incident so it was predictable that at any moment one could occur. Bagle’s fast global spreading and the continuation of it, lead to the conclusion that there are a lot of computers without Anti Virus or with with an Anti Virus which isn’t opdated fast enough, that there are a lot of email recipients who do not filter out dangerous filetypes like executables, that a lot of machines are not protected by a Firewall or have a Firewall which is not set up properly and finally that lots of people can’t control their curiosity and click on whatever they receive!”
F-Secure Anti-Virus detects the Bagle worm with the update published on January 19th, 2004.
Protection is also possible with email content security tools like Mailsweeper, simply by deleting all executable attachments or by using an Anti Virus plugin. Also the use of a company or personal Firewall is highly recommended from now on.
For more information on the Worm, its detection and disinfection, as well as for advise on preventive protection Inter Engineering can be contacted. About Inter Engineering Inter Engineering is one of the few companies specialized in Data Security. Since 1992 the company is active in the protection against computer viruses and has since then extended its activities with strong cryptography, access control, copy protection, biometrics and data recovery. The Company cooperates closely with leading providers globally and contributes actively to research and development. Also close relationships with scientific organizations are maintained. Thus Inter Engineering is able to provide consultancy and solutions for almost any Data Security issue.
To contact us: Inter Engineering |