Bagle’s author back at work

11 Aug 2005

minute read

Authors

Yury Mashevsky

It looks as though the Bagle author is back from his vacation. Today we’ve detected several new variants (actually old variants which have been repacked) and they are still coming in.

New malware has been placed on the sites listed in the worms’ bodies, so it maybe that we will see some of these Bagles updating themselves automatically. We’ll keep you posted.

Authors

Yury Mashevsky

Bagle’s author back at work

Latest Posts

Latest Webinars

Reports

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Bagle’s author back at work

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

The antivirus weather forecast: cloudy

Crimeware: A new round of confrontation begins…

Malware Miscellany, September 2009

Malware Miscellany, December 2008

Malware Miscellany, November 2008

A hack in hand is worth two in the bush

QBot banker delivered through business correspondence

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Latest Posts

Kaspersky Security Bulletin 2023. Statistics

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution Q3 2023

IT threat evolution in Q3 2023. Non-mobile statistics

Latest Webinars

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

2023 APT Landscape Unveiled: Trends, Challenges, Solutions

Reports

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

A cascade of compromise: unveiling Lazarus’ new campaign

How to catch a wild triangle

Subscribe to our weekly e-mails