And the Bagles just keep on coming

12 Aug 2005

minute read

Yury Mashevsky

Authors

Yury Mashevsky

A quick update: over the last twenty four hours, we had eleven new Bagle variants, from Bagle.bz to Bagle.cj. Some of them were new versions, and some were old variants which had been repacked.

All the new versions were either spammed, or placed on sites for download. They’re being used to ensure that the Bagle botnet survives.

A very old Bagle variant was also spammed; it had been repacked using a new version of the packing program.

The Bagle bakery is clearly still in business, but hasn’t come up with any new recipes for a while.

And the Bagles just keep on coming

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Posts

Latest Webinars

Reports

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.

Cloud Atlas attacks the public sector and diplomatic structures of Russia and Belarus, using ReverseSocks, SSH, and Tor for persistence in infected systems and its new tool, PowerCloud.

Kaspersky researchers analyze a range of new PebbleDash-based tools used in recent Kimsuky campaigns and reveal their connection to the AppleSeed malware cluster.

Kaspersky researchers uncovered malicious wheel packages in PyPI that targeted both Windows and Linux and contained a dropper delivering malware dubbed ZiChatBot. We attribute this activity to OceanLotus APT.

And the Bagles just keep on coming

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

The antivirus weather forecast: cloudy

Crimeware: A new round of confrontation begins…

Malware Miscellany, September 2009

Malware Miscellany, December 2008

Malware Miscellany, November 2008

The game is over: when “free” comes at too high a price. What we know about RenEngine

Deep analysis of the flaw in BetterBank reward logic

Post-exploitation framework now also delivered via npm

Massive npm infection: the Shai-Hulud worm and patient zero

The SOC files: Rumble in the jungle or APT41’s new target in Africa

Latest Posts

Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools

StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader

A VBScript campaign distributed through WhatsApp deploying RMM software

Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk

Latest Webinars

AI meets cybersecurity: Powering the next digital move

Automate your SOC with Kaspersky XDR 2.0

How do we catch 0-days?

SOC evolution: From firefighting to strategic risk management

Reports

ToddyCat: your hidden email assistant. Part 2

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

Kimsuky targets organizations with PebbleDash-based tools

OceanLotus suspected of using PyPI to deliver ZiChatBot malware

Subscribe to our weekly e-mails