Virus uses Client/Server approach!
So far, we've seen 4 different downloaders and several different Bagles...
There's something else too. These new Bagle variants are using a client / server architecture to spread further. What? A Client / Server virus? Yes.
Normally Bagle variants search the local hard drive to find email addresses to send itself to. These new variants connect to a web back-end. The back-end server will then return 50 unique email addresses that it generates using directory harvest techniques. The virus will then send a copy of itself to these addresses and loop over. We come accross lots of them here in Belgium but I don't call this an enormous outbreak...
<< Home