New Bagel Worm Speading

Followers

January 29, 200521 yr

Repost from: http://www.eweek.com/article2/0,1759,1756823,00.asp

Bagle Worm Mutants Multiplying Fast

By Ryan Naraine

January 28, 2005

Be the first to comment on this article

Almost a year after the first Bagle worm started squirming through e-mail in-boxes, anti-virus vendors are reporting a new wave of attacks with new propagation techniques.

Three new variants were detected over the past 24 hours, and because of the high rate of distribution, anti-virus firms have increased the threat level and have rushed out signature updates.

One new mutant, Bagle.AY, is polymorphic and uses peer-to-peer spreading capabilities to multiply. It contains a backdoor that listens on TCP port 81 and is programmed to cease its activity on April 25, 2006, according to an alert from Finnish research firm F-Secure.

Anti-virus vendors McAfee Inc., Trend Micro Inc., Panda Software and Symantec Inc. all have raised their alert ratings and have issued warnings because of the worm's rapid rate of propagation.

"Everyone should be cautious of unsolicited e-mail attachments, and be wary of what they download from Internet file-sharing networks," said Graham Cluley, senior technology consultant at Sophos, a Lynnfield, Mass.-based security outfit.

Bagle.AY arrives in e-mail as a packed executable and is also capable of spreading with a prepended Windows CPL (control panel applet) stub. When spreading as a CPL file, the worm prepends a small binary dropper to its executable file. If that file is activated, the worm copies itself as cjector.exe file to the Windows folder and then drops the file into the Windows System folder.

eWEEK.com Special Report: Worm Attacks

The latest spawn spreads itself in e-mails with randomly chosen subject lines, mail text bodies and attachment names. The worm can attach itself to e-mails as an executable file with COM, EXE, SCR and CPL extensions.

Like its predecessors, the worm's backdoor code is password-protected, allowing the worm's author access to connect to the infected computer to execute arbitrary programs. Infected computers are reported to the worm's author by accessing several predefined URLs.

Symantec also reported the detection of W32.Beagle.AZ and warned that distribution

remained high throughout Friday.

-----------------------------------------------------------------------------------------

Create an account or sign in to comment

Followers

Go to topic listing

No registered users viewing this page.

Poll -- Ethiopian restaurant in Pattaya?
Pattaya

Poll -- Ethiopian restaurant in Pattaya?

Jingthing · Wednesday at 08:51 AM2 days

There are a number of cuisines types that are probably more obviously missing in Pattaya now (notably Indonesian and Malaysian) but this topic is about Ethiopian. I'm curious about the interest and possible demand for a decently priced, reasonably good/authentic Ethiopian restaurant here. I know that many urban Americans are familiar with Ethiopian food, but I'm not sure about Europeans and other nationalities. It's my impression that it;'s a kind of food that once tried, the majority will li
- 17 replies
- 557 views
Jingthing

Wednesday at 08:51 AM2 days

Jingthing

1 hour ago1 hr

Seafood buffet
Pattaya

Seafood buffet

georgegeorgia · Wednesday at 02:43 AM2 days

I would like to try a beautiful delicious seafood buffet I don't know where to go in Pattaya for this ,hence I'm seeking analysis on this project I'm not particularly concerned about price , but as I don't like crowds or people sitting near me , I don't like too many people where it's obnoxiously overcrowded where people are pushing shoving fighting for the food I find people seem attracted to me like honey to a pot , I could be in a restaurant say Sizzlers and there is hundreds of tables
- 61 replies
- 1,546 views
georgegeorgia

Wednesday at 02:43 AM2 days

papa al

3 hours ago3 hr

What's the go with Thappraya Rd land development
Pattaya

What's the go with Thappraya Rd land development

Olmate · 13 hours ago13 hr

Is it fortifications, barricades, bunkers, bomb site, what the?
- 5 replies
- 334 views
Olmate

13 hours ago13 hr

beautifulthailand99

5 hours ago5 hr

Car park at Royal Garden Plaza
Pattaya

Car park at Royal Garden Plaza

brewsterbudgen · yesterday at 12:16 PM1 day

Is it usually easy to get a space, at around 5pm on a weekday?
- 7 replies
- 343 views
brewsterbudgen

Yesterday at 12:16 PM1 day

brewsterbudgen

11 hours ago11 hr

Iran is winning and will likely win the war against the USA
Political Soapbox

Iran is winning and will likely win the war against the USA

Jingthing · Wednesday at 10:31 PM1 day

It certainly doesn't please me to realize this dark reality. This is a war that Trump (snookered by Israel) should have never started in the first place. However, this war more than anything else clearly signals to me that the American empire is declining rapidly. Maybe call it a suicide. This topic is being started to discuss and track the events related to Iran winning this war against the USA. I call it a war against the USA rather than a war against the USA and Israel because it would be
- 239 replies
- 3,696 views
Jingthing

Wednesday at 10:31 PM1 day

Lacessit

2 minutes ago2 min

‘Killed by their own sons’: UK faces alarming rise in matricide
What the Papers are Saying

‘Killed by their own sons’: UK faces alarming rise in matricide

bannork · 6 hours ago6 hr

MPs fall silent as Jess Phillips lists the names of women killed by men in the last 12 months Nearly one in five women killed by men in the UK over the past year are suspected to have been murdered by their own sons, according to new data presented in Parliament. The stark figures emerged as Labour MP Jess Phillips read out the names of 108 women killed in the past 12 months during the annual International Women’s Day debate in the UK Parliament. Among them were 19 mothers whose sons are suspec
- 11 replies
- 169 views
bannork

6 hours ago6 hr

Dave0206

3 minutes ago3 min

The Dangerous Appeasement of a regime with 60% enriched Uranium,News
Political Soapbox

The Dangerous Appeasement of a regime with 60% enriched Uranium,News

riclag · yesterday at 10:52 AM1 day

The International Left's Dangerous Appeasement of Iran, A Wake Up Call for Global Security! In an era where state sponsors of terrorism like Iran continue to escalate their nuclear threats, it's alarming to see elements of the international left, including disillusioned citizens of Western countries, turning a blind eye or even justifying such actions as responses to USA/Israel aggression, especially after repeated attempts at negotiations . This pattern of appeasement not only undermines glob
- 79 replies
- 857 views
riclag

Yesterday at 10:52 AM1 day

Lacessit

5 minutes ago5 min

The Skies are Ours, No Mines
Political Soapbox

The Skies are Ours, No Mines

Yagoda · 1 hour ago1 hr

Per the Sec of War, as of 6am this morning, the US and Israel have complete control of Iranian airspace. No mines have been laid in the Strait
- 8 replies
- 118 views
Yagoda

1 hour ago1 hr

scottiejohn

15 minutes ago15 min

Word Association - 2026
Word Association - 2026

hotandsticky replied to CharlieH's topic in ASEAN NOW Community Pub

Inquisition
- Just now1 min
- 2,744 replies
Phuket Eatery Owner Faces Backlash for Banning Israeli Guest
Phuket
Phuket Eatery Owner Faces Backlash for Banning Israeli Guest

Somjot replied to snoop1130's topic in Thailand News - Discussion

That is a really praiseworthy project. The question is, are you qualified for it? Any chance for an answer to my last post? I repeat my question to you in that post:
- Just now1 min
- 105 replies
Iran is winning and will likely win the war against the USA
Iran is winning and will likely win the war against the USA

Lacessit replied to Jingthing's topic in Political Soapbox

What is asserted without evidence can be dismissed without evidence.
- 2 minutes ago2 min
- 239 replies
‘Killed by their own sons’: UK faces alarming rise in matricide
‘Killed by their own sons’: UK faces alarming rise in matricide

Dave0206 replied to bannork's topic in What the Papers are Saying

Before I give my tuppence worth this is merely my theory with no hard evidence. My ex sister in law had a son who was heavily into drugs and he became paranoid people were out to get him usually mothers are the last to abandon there children through cannabis many become schizophrenic ( if you have this tendency drugs will just enhance this) So because families are often easiest victims for junkies even murder will be the same easy targets for disturbed minds
- 4 minutes ago4 min
- 11 replies

Antisemitism…is all of us
ASEAN NOW Community Pub

Antisemitism…is all of us

unblocktheplanet · 8 hours ago8 hr

For me, the conversations we’ve been having here on racism and, more particularly, antisemitism have been very instructive. I’ve learned a lot by talking with all of you. Most of us are familiar with the story of the good German, the ordinary person who followed orders, no matter how far against morality or humanity they went. Eichmann’s defence at Nuremburg was, “I was only following orders.” They hanged him anyway. You see, that’s not good enough. We all like to think of ourselves as better
- 33 replies
- 587 views
unblocktheplanet

8 hours ago8 hr

Yagoda

1 hour ago1 hr

Plan B Retirement to ShanXi China: YOLO…!!!
ASEAN NOW Community Pub

Plan B Retirement to ShanXi China: YOLO…!!!

GammaGlobulin · yesterday at 01:21 PM1 day

Dear Folks, You only live once, or so it is surmised by those who are no-longer among us.. And, I am thinking about going for the gusto in Shanxi, China. I have decided that ShanXi will be my new Plan B, if I need an escape destination. This is one place I have longed to visit, since I was 18. And so, I would like to know if anyone here has any experience living in Shanxi. I am an Old Friend of China, as I think I have mentioned in past comments. Therefore, I expect that a long-term visa mi
- 2 replies
- 373 views
GammaGlobulin

Yesterday at 01:21 PM1 day

save the frogs

15 hours ago15 hr

After Aggressive Pruning: Can/will this tree even survive?
ASEAN NOW Community Pub

After Aggressive Pruning: Can/will this tree even survive?

GammaGlobulin · yesterday at 10:21 AM1 day

Dear Folks, As we all know, most trees in the city, or the suburbs, get pruned. Most seem to survive this cutting. However, some never recover. At this time, I am worried about my favorite tree which has been growing near my property for some time, and which has provided me with welcome shade from the sun, during the Hot Seasons. I have no idea concerning the botanical name for this species of tree. I just know that it once was beautiful. My hope is that it will re-grow into its former se
- 10 replies
- 708 views
GammaGlobulin

Yesterday at 10:21 AM1 day

wil iam not

4 hours ago4 hr

New Bagel Worm Speading

Featured Replies

Create an account or sign in to comment

Recently Browsing 0

Topics

Poll -- Ethiopian restaurant in Pattaya?

Seafood buffet

What's the go with Thappraya Rd land development

Car park at Royal Garden Plaza

Topics

Iran is winning and will likely win the war against the USA

‘Killed by their own sons’: UK faces alarming rise in matricide

The Dangerous Appeasement of a regime with 60% enriched Uranium,News

The Skies are Ours, No Mines

Popular Contributors

Latest posts...

Word Association - 2026

Phuket Eatery Owner Faces Backlash for Banning Israeli Guest

Iran is winning and will likely win the war against the USA

‘Killed by their own sons’: UK faces alarming rise in matricide

Popular in The Pub

Antisemitism…is all of us

Plan B Retirement to ShanXi China: YOLO…!!!

After Aggressive Pruning: Can/will this tree even survive?

ASEAN NOW

MORE INFO

POPULAR AREAS

CONTACT US

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)