Bagel worm spreads around world

by Robert Jaques

19 Jan 2004

An internet worm that can enable hackers to take control of infected PCs is spreading around the world.

The worm, W32/BAGLE@MM, also known as Bagle, harvests addresses from local .wab, .txt, .htm, and .html files.

Further reading

Antivirus company Sophos said it has received "many" reports of the worm, which sends itself to addresses taken from files on the hard disk.

"The worm spoofs the 'from' field in emails it sends, which means it may appear to have come from someone you know," the company said in a statement.

The worm includes a back door component that listens on TCP port 6777. This allows an attacker to upload and execute arbitrary programs on infected computers.

It attempts to notify the virus author of its readiness to accept commands by contacting various websites and trying to activate a script that identifies the compromised computer.

Users should delete any email containing the following:

From: (address may be forged)

Subject: Hi

Body:

Test =)

(random characters)

Test, yep.

Attachment: (random filename) 15,872 bytes

example:

frjujs.exe

Sophos said the worm will not activate on PCs with a system date of 28 January 2004 or later.

Topics:
Security

Do you agree?

Add your comment

Your name:
Your email address:	We won't publish your address
Your comment title:
Your comment:	By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.

Submit your comment

Get the latest news headlines direct to your inbox

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

Yes, the government has been proactive in addressing threats

36%

Yes, the strong UK technology sector helps ensure access to top-level equipment and expertise

No, the government is lagging behind in adequately protecting the UK infrastructure

10%

No, there’s always exploits that can be attacked

54%

Features

It's time to change tax system to bring technology manufacturing back to the UK

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Quick guide to Flame malware attack

Quick guide to cookie law compliance

More features

Samsung Galaxy S3 video review

V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer

Sign up to our daily or weekly newsletters

Follow @V3_co_uk

Case studies and reports

Social networking: a guide for IT managers

Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them

Mitigating the risks of IT change

The importance of understanding your infrastructure

Technology jobs

Flash Developer- actionscript, AJAX, JSON

Flash Developer- Actionscript 3.0, AJAX, JSON, computer...

Business Analyst, Risk platform, Equity Derivs, Investment Bank

Business Analyst - Risk platform - Equity Derivatives...

Java Developer - Algorithmic Trading - Global Trading Business

Java Developer - Algorithmic Trading - Global Trading...

Junior Treasury Project Manager, Tier One Investment Bank

Junior Middle Office Project Manager, Treasury, IB...

White paper library
Latest white papers

Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.

More white papers

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

About us:

Business & technology web sites:

Blogs & community:

Reviews:

Software downloads:

Tools & resources:

Accreditation:

Digital Publisher of the Year 2010

Friend's email address	To send to more than one email address, simply separate each address with a comma.
Your email address
Message