Virus writers fear no retribution

We’ve been continuing to investigate the Bagle situation – and it shows us once again how helpless legislation is in the face of cyber crime. At the moment, cyber-crime laws are local, and are specific to individual countries. But virus writers aren’t constrained by national boundaries.

So what has this got to do with Bagle? It’s become clear to us that the authors of Bagle, Netsky, Zafi and a whole range of other malicious programs are working closely together. They may not know each other personally, but they’re all using information from the author of Bagle to send out their creations. In just the past two days, over 50 modifications of worms and other malicious programs have been widely distributed by these virus authors. And the timing of the mailings shows that the malicious code is being sent either automatically or semi-automatically.

So virus writers have not only joined forces, but they’ve automated the process of infecting computers and finding new victim machines. They understand that legislation is powerless to stop them, and are continuing to extend their reach. This latest case is another nail in the coffin of a safe, user-friendly Internet.
