Friday, October 29, 2004

New Bagle variant is going to a medium alert!

It was a long time ago, before we did go on medium alert .. But it seems time now because this new Bagle variant has been spotted in several locations. It sends emails with a smiley ":)" as the message body. Attachment filename starts with "Price" or "Joke" and extension is COM, EXE, SCR or CPL. Analysis is being done by most AV vendors at this monent and some has already released new signatures. Some call it W32/Bagle.bb(McAfee), some W32/Bagle.at(F-Secure) and I-Worm.Bagle.at (Kasperksy) ,W32/Bagle-AU (Sophos) ,W32/Bagle.BC.worm (Panda) and WORM_BAGLE.AT (Trend)...