Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: JustPiper
Here's another computer virus set to disable:

'Gamer's virus' aims to hit users


Bagle.B might have been written by a gamer
A miserable month for Microsoft is continuing with warnings about yet another Windows worm.
Anti-virus companies have issued alerts about Bagle.B that is starting to appear in large numbers.

Like many other recent viruses it harvests addresses from the popular Outlook e-mail program and sends messages using its own e-mail engine.

Bagle.B also installs a backdoor in infected machines that could gives some remote control over compromised PCs.

New virus, old tricks

Bagle.B is a variant of the original Bagle that was circulating in January this year.

The original Bagle posed as a calculator and tricked people into opening it.

Like its predecessor, and many other recent viruses, Bagle.B is triggered when a user opens the attachment on the e-mail bearing the malicious code.

As well as plundering e-mail address books, the virus also opens up a backdoor to give the virus' creator access to infected machines.

SPOTTING BAGLE.B
From: (spoofed address)
Subject: ID (random characters)... thanks
Message: Yours ID (random characters)--Thank
Attachment: (random file name).exe
Any computer falling victim to the virus also reports its infection to a series of compromised websites, most of which are based in Germany.

Anti-virus firms speculate that the creator of the virus is a keen gamer as the malicious program uses settings associated with Ultima Online. Also one of the sites that infected machines report to is all about computer games.

The virus is programmed to stop sending out e-mail after 25 February.

It is then expected to move into its second mode in which infected machines will be used as relays for spammers.

Efforts to combat spam mean that anyone wanting to send large amounts of e-mail must find an innocent machine to do it for them.

Since it was first seen on 17 February mail filtering firm MessageLabs has stopped more than 95,000 copies of the virus and infections have been seen in 66 countries.

It can infect machines running Windows 95, 98, ME, NT, 2000 and XP. The virus is known as Bagle.B as well as Alua@mm and Tanx-A.

Despite the sudden growth in Bagle.B numbers MessageLabs is still catching more copies of the Mydoom.A even though that virus was supposed to stop sending out infected e-mail messages on 12 February.

Security firms do not expect Bagle.B to become as widespread as Mydoom and urge people to update anti-virus software to ensure they are not caught out by the bug.




3,997 posted on 02/18/2004 6:07:46 PM PST by MamaDearest (Lets get them before they get us!)
[ Post Reply | Private Reply | To 3988 | View Replies ]

To: MamaDearest; All
I'm concerned. Anyone else's bank card been hit today? No access, erroneous errors etc?

And as if Bagle/Beagle weren't enough sis:

NetSky.B, also known as Moodown.B, first appeared on Wednesday and is spreading via infected e-mail messages and shared network folders.

http://story.news.yahoo.com/news?tmpl=story&u=/pcworld/20040218/tc_pcworld/114829
4,019 posted on 02/18/2004 8:48:28 PM PST by JustPiper (Don't try to solve serious matters in the middle of the night)
[ Post Reply | Private Reply | To 3997 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson