Printer Friendly
The Free Library
14,635,542 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Kaspersky upgrades I-Worm.Bagle threat to severe.


I-Worm.Bagle, is a new Internet See Web 2.0 and Internet2.  worm detected in the wild. The worm spreads via email with a random sender address. Kaspersky Labs Kaspersky Lab is a computer security company, co-founded by Natalia Kaspersky and Eugene Kaspersky in 1997, offering antivirus, anti-spyware, anti-spam, and anti-intrusion products.  has received reports of infections from around the world; where Bagle is causing a significant outbreak. The worm is a Windows EXE file (EXEcutable file) Pronounced "ex-ee file." The name given to a program in machine language that is ready to run in DOS, Windows, OS/2 and VMS. The name comes from the .EXE extension at the end of the program name; for example: XYZ.EXE.  about 15 KB in size attached to emails with random sender addresses. The subject, "Hi", body, "Test =)" and signature "Test, yep" are constant, whereas the name of the attachment is random.

Once the worm is launched, it copies itself into the Windows directory and attempts to download and launch Mitglieder, a Trojan proxy server Also called a "proxy," it is a computer system or router that breaks the connection between sender and receiver. Functioning as a relay between client and server, proxy servers are used to help prevent an attacker from invading the private network. , on the infected machine. This proxy server allows the 'master' to use the infected machine as a platform to send more copies of the malicious code. Currently, all links to Internet sources for downloading Mitglieder are deleted. Thus, I-Worm.Bagle cannot use this tech to increase propagation speed.

As a result, at this time, I-Worm.Bagle is using a technique standard for Trojan programs. Bagle scans the file system on infected machines for files with extensions web, txt, htm and rl. The worm then sends copies of itself to all email addresses that it uncovers, using a built in SMTP (Simple Mail Transfer Protocol) The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite, as defined by IETF RFC 2821. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail.  server

www.kaspersky.com
COPYRIGHT 2004 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Virus Notes
Publication:Database and Network Journal
Date:Feb 1, 2004
Words:204
Previous Article:Improved protection for Linux Workstations.(Virus Notes)
Next Article:Don't believe your browser--it could be Dumaru.(Virus Notes)



Related Articles
Top twenty viruses reported to Kaspersky in August.(Software Digest)(Brief Article)
Top twenty viruses reported to Kaspersky in October.(Security)(Brief Article)(Illustration)
Top twenty viruses reported to kaspersky in december.(Security Products)
Kaspersky lab virus Top 20, February 2005.(SOFTWARE WORLD DIGEST)
Kaspersky Lab virus top twenty for March 2005.(Security)(Illustration)
New version of Bagle widely spammed.(Security)
Security extra.(SOFTWARE DIGEST)(Brief Article)
Top twenty e-mail malware reported to Kaspersky in June.(Security)
Security news and products; top tewnty viruses reported to kaspersky in December.(Kaspersky Lab Ltd.)
July virus top 20: old timer NetSky squeezes out Mytob.(Security)

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles