By Gregg Keizer, TechWeb News 

Another bullying Bagle worm appeared Friday, security companies warned,
although this one threatens to bring on the lawyers, not the police. 
Bagle.do, said U.K.-based Sophos, spreads in e-mails with subject lines such
as "Call to your lawer [sic] immidiately [sic]" and "Lawsuit against you."
The text of the worm-carrying message varies, but all versions cite some
legal beef, ranging from identity theft to "spamming" faxes to the sender's
machine. 

The attached file, with names like "lawsuit.exe" and "explanation.exe,"
purport to be supporting legal documents but are, of course, the worm.
Launching the executable file infects the PC with a backdoor and lowers the
machine's security settings, and may end up with more malicious code
downloaded to the system from a slew of Web sites. 

Bagle.do will also try to spread via peer-to-peer file sharing by planting
copies of itself in folders commonly used by P2P applications such as KaZaa
and Limewire. 

"People who receive this viral email won't necessarily believe that it was
intended for them or their company, of course, but they may wish to advise
the apparent sender that they have sent the message to the wrong person."
said Graham Cluley, senior technology consultant for Sophos, in a statement.
"If anyone opens the attached file, however, they risk infecting their
computer and passing on the pox to others." 

As is the norm, other anti-virus companies tagged the worm with different
names. McAfee, for instance, called this "Bagle.dy," while Symantec dubbed
it "Bagle.dx." 

According to McAfee, the worm's author tucked a cryptic message inside the
malicious code: 

"In a difficult world In a nameless time I want to survive So, you will be
mine!!" 



CONFIDENTIALITY NOTICE:  This e-mail message and any attachment to this e-mail 
message contain information that may be privileged and confidential.  This 
e-mail and any attachments are intended solely for the use of the individual or 
entity named above (the recipient) and may not be forwarded to or shared with 
any third party.  If you are not the intended recipient and have received this 
e-mail in error, please notify us by return e-mail or by telephone at 
775-851-2900 and delete this message.  This notice is automatically appended to 
each e-mail message leaving Bytware, Inc.  



As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.