Bagle worm on the loose

A new round of Bagle worm attacks is targeting already infected machines, security experts have warned.

A new round of Bagle worm attacks is targeting already infected machines, security experts have warned.

Security firm F-Secure said a download link on one of the websites monitored for new content by affected computers became newly active on Sunday.

The site, purportedly belonging to an estate agent in Slovakia, contained a download link that produced “a new, uniquely repacked version of the malware every 50 seconds or so”, F-Secure’s chief research officer, Mikko Hypponen said on his blog.

The security firm detected all the modified versions of the downloaded file as SpamTool.Win32.Bagle.g.

The malware was later removed from the Slovak site – www.bbrealservis.sk – but 10 hours later it became active again, operating from a new site, www.benininfo.com. This site has now been shut down by its internet service provider.

Last year up to 15 variants of the Bagle worm spread a wave of Trojan attacks affecting millions of e-mail users.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close