Bagle worm attacks leave AV defences struggling

Anti-virus software companies are reporting a "wave" of Trojan spam e-mail attacks being spread by up to 15 variants of the Bagle...

Anti-virus software companies are reporting a "wave" of Trojan spam e-mail attacks being spread by up to 15 variants of the Bagle worm.

The high number of variants to the worm is making it difficult for anti-virus companies to update their security signatures to protect users from infection. 

As a result anti-virus companies are warning customers not to rely only on their desktop and server security software, and to be extra careful about what e-mails they open, to avoid infection.

Some of the Trojans, being spread by a world network of "zombie" computers, are being used to install malicious remote monitoring software on users' machines, enabling criminals to monitor PC usage and steal personal details to commit fraud.

Zombies are user PCs that have been taken over remotely by criminals to spread malware without the users' knowing their machines have been infected.

Ken Dunham, director of malicious code at internet security firm, said, "The attack is ongoing and many of the minor variants are not detected by various security products.  

"These codes do require user interaction, but user-interaction worms have proven themselves to be highly effective in the wild over the past 13 months."

User interaction means users have to physically open an attachment, in this case often a Zip file, to infect their machine. 

Dunham said, "Hackers have been testing their code prior to the attack to ensure that certain anti-virus products do not detect the new minor variants.  

"Hackers have become increasingly sophisticated and organised in what they are doing in an attempt to steal sensitive information or gain control over many computers."



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.