 Bagle.AF - MEDIUM-ON-WATCH RISK |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.  |
  Jul 15 2004, 08:12 PM
Post
#1
|
|
 Security Reporter  Group: News Reporters Posts: 484 Joined: 10-April 04 From: Roanoke, Virginia Member No.: 107  |
 Bagle.AF - MEDIUM-ON-WATCH RISKhttp://secunia.com/virus_information/10683/bagle.af/ http://vil.nai.com/vil/content/v_126792.htm http://www.trendmicro.com/vinfo/virusencyc...e=WORM_BAGLE.AF http://www.symantec.com/avcenter/venc/data...agle.ab@mm.html This one is spreading significantly. This is a mass-mailing worm with the following characteristics: * contains its own SMTP engine to construct outgoing messages * harvests email addresses from the victim machine * the From: address of messages is spoofed * attachment can be a password-protected zip file, with the password included in the message body. * contains a remote access component (notification is sent to hacker) * copies itself to folders that have the phrase shar in the name (such as common peer-to-peer applications; KaZaa, Bearshare, Limewire, etc) * uses various mutex names selected from those W32/Netsky variants have used, in order to prevent those W32/Netsky variants running on infected machines. -------------------- |
 |
 
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 7th September 2008 - 06:43 AM |
© 2003-2008 All Rights Reserved Bleeping Computer LLC.