informa
/
1 MIN READ
News

Bagel Variant On The Loose

Almost 70,000 copies of a new variant of the Bagle downloader had been intercepted by MessageLabs as of 5 p.m. last night, according to the anti-virus vendor.
Almost 70,000 copies of a new variant of the Bagle downloader had been intercepted by MessageLabs as of 5 p.m. last night, according to the anti-virus vendor. The virus seems to have originated from an address alleging to be within Yahoo! Groups.

This recent Bagle version drops a trojan that tries to download itself from a wide variety of locations. Those computer users who activate the attached file unknowingly unleash the virus, which harvests email addresses it locates on the users' hard drives. The virus then forwards itself by way of the list of email addresses it has discovered in the infected computer. Once activated, the Bagle downloader variant places a copy of an executable file onto the compromised computers. That file then polls a vast list of URLs for the availability of a new mass-mailing component.

According to MessageLabs, the subject lines for the infected email is empty, and no body text is included. Roughly 70 variants have been reported of Bagle, which have been tracked since the virus first appeared in January 2004.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing