Another Bagle Variant Tears up the Internet

Yet another variant from the virulent Bagle family of worms is rampaging

across the Internet.

After only 24 hours in the wild, Bagle-AU has taken the ninth spot in

the list of most prolific viruses, according to analysts at Sophos,

Inc., an anti-virus and anti-spam company based in Lynnfield, Mass.

Carole Theriault, a security consultant with Sophos, says the danger

behind Bagle-AU lies in its ability to propagate, overwhelming corporate

email servers.

Several new Bagle variants have hit the wild in the past few days and

they are strikingly similar in nature and content. Because of their

similarities, Sophos has labeled all of the latest variants as Bagle-AU.

However, different anti-virus vendors have given the malware different

names. The variant also is known as Bagle-BC, Bagle-AT and Bagle-AS.

”Dozens of Bagle variants have been plaguing users since the first one

was spotted in January of this year, and unfortunately, they continue to

wreak havoc on unprotected users,” says Gregg Mastoras, senior security

analyst at Sophos. ”This variant has been observed in force within

companies around the globe, and has the ability to significantly impair

email systems if it reaches a critical mass.”

The new variant spreads via email messages and attachments, as well as

through network shares. The worm attempts to email itself to addresses

harvested from the infected machine, as well as copying itself to

file-sharing folders. Analysts at MessageLabs Inc., an anti-virus

company, report that in an additional attempt to propagate, the new

variant will install a remote access component on TCP port 81 and

attempt to download files from a website.

The spoofed subject header will contain greetings such as ”Hello”,

”Thank you!” and ”Thanks :-)”, and the viruses spread when email

attachments named ”price”, ”Price” or ”Joke” are opened, according

to MessageLabs.

The worm copies itself to the Windows system directory and opens TCP

Port 81 as a means for remote access to the compromised machine, notes

MessageLabs. Once installed on a user’s machine, it attempts to

terminate a number of running security-related processes on the machine.

Anti-virus company Panda Software reports that the worm is spreading

rapidly across the world, gaining speed just a few hours after it first

appeared. The number of incidents caused by this worm is expected to

continue increasing and new variants are expected to emerge over the

next few hours, reports Panda analysts, who have issued a Red Virus

Alert for the bug.

”I suspect that this could be a significant problem,” says Sophos’

Theriault. ”We’ll have to wait till Monday to see what happens… Over

the weekend the virus will land in all those corporate inboxes. We’ll

see what happens when they get to work and turn on their computers. If

they have protection in place, it won’t hurt anybody. But if protection

is not in place, it will take off.”

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020