Bagle.at links to compromised sites now active

We mentioned a payload for Bagle.at, where the worm tried to connect to copmromised sites. The links were inactive up to now. Today some of the links are active.

Bagle.at tries to download and execute TrojanDownloader.Win32.Small.zj, a new variant of Small.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *