W32/Bagle Revisited
(Updated August 10) - Seven months after the W32/Bagle mass-mailing virus first appeared on the Internet, US-CERT continues to see new variants appearing and many variants (new and old) continuing to spread. Many variants of W32/Beagle are known to open a backdoor on an infected system, which can lead to further exploitation by remote attackers.
The most recent variant is W32/Bagle.AO (discovered on August 9th). This variant arrives as an email message with the following characteristics:
* Spoofed From address
* Blank Subject line
* Body text containing "new price"
* Attachment containing .ZIP file extension
US-CERT strongly encourages users to install and maintain anti-virus software and exercise caution when handling attachments. Anti-virus software may not be able to scan password-protected archive files, so users must use discretion when opening archive files and should scan files once they are extracted from an archive.
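A mail-gateway triage check for the message traits listed above, added here as an example and not part of the US-CERT advisory. It is a heuristic rather than a signature: it tests the blank subject, the "new price" body text and the .ZIP attachment, and also reports whether the archive holds encrypted entries that anti-virus software may be unable to scan. The function names, addresses and sample messages are constructed for illustration, and the spoofed From address is not tested because it cannot be judged from the message alone.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage


def bagle_ao_traits(raw: bytes) -> dict:
    """Check a raw RFC 5322 message for the traits listed in the advisory."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = (msg["Subject"] or "").strip()  # missing or empty both count as blank
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part else ""
    zips = [p for p in msg.iter_attachments()
            if (p.get_filename() or "").lower().endswith(".zip")]
    encrypted = False
    for part in zips:
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                # General-purpose flag bit 0 marks an encrypted entry.
                encrypted |= any(i.flag_bits & 0x1 for i in zf.infolist())
        except zipfile.BadZipFile:
            pass  # named .zip but not a parseable archive
    traits = {
        "blank_subject": subject == "",
        "body_new_price": "new price" in body.lower(),
        "zip_attachment": bool(zips),
        "encrypted_zip": encrypted,  # scan the contents after extraction
    }
    traits["matches_advisory"] = all(
        traits[k] for k in ("blank_subject", "body_new_price", "zip_attachment"))
    return traits


def build_sample(subject: str, body: str, attach_zip: bool) -> bytes:
    """Constructed test message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    if subject:  # a blank subject is modelled as an absent header
        msg["Subject"] = subject
    msg.set_content(body)
    if attach_zip:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("price.txt", "harmless placeholder")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="zip", filename="price.ZIP")
    return msg.as_bytes()
```

A message that matches is a candidate for quarantine and manual review, since the body-text test alone will also match legitimate mail.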
You may also wish to visit US-CERT's computer virus resources page at: http://www.us-cert.gov/other_sources/viruses.html