Yesterday’s Bagles – how dangerous are they?

30 Oct 2004

minute read

Authors

Alexander Gostev

Yesterday was hot with two new Bagles let loose. The worms were mailed using spam methods in one of the largest mass mailings this year. I hope that the weekend will mean the outbreak will calm down.

The third Bagle we saw yesterday was almost identical to the first two, except for a mistake in the code: it can’t send copies over email. We put this variant in with Bagle.au, but may re-name it Bagle.av.

It is hard to see the difference between a mass-mailing and a real epidemic, so different AV companies gave the new Bagles different danger levels. We chose to stay at ‘medium risk’, for instance.

This incident confirms my idea that the Age of Worms is over. The new Bagles made news during the initial mass mailing, when they used zombie machines infected by Trojans.

The danger today is from botnets, not worms, and we are very concerned about this.

Authors

Alexander Gostev

Yesterday’s Bagles – how dangerous are they?

Latest Posts

Latest Webinars

Reports

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Yesterday’s Bagles – how dangerous are they?

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Zcash, or the return of malicious miners

IT threat evolution in Q1 2016

Adwind: FAQ

Agent.btz: a Source of Inspiration?

Kaspersky Security Bulletin 2013. Forecasts

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Threats in space (or rather, on Earth): internet-exposed GNSS receivers

Loose-lipped neural networks and lazy scammers

Web tracking report: who monitored users’ online activities in 2023–2024 the most

Indirect prompt injection in the real world: how people manipulate neural networks

Latest Posts

Download a banker to track your parcel

Dark web threats and dark market predictions for 2025

Careto is back: what’s new after 10 years of silence?

Story of the Year: global IT outages and supply chain attacks

Latest Webinars

Inside the Dark Web: exploring the human side of cybercriminals

The Cybersecurity Buyer’s Dilemma: Hype vs (True) Expertise

Cybersecurity’s human factor – more than an unpatched vulnerability

Building and prioritizing detection engineering backlogs with MITRE ATT&CK

Reports

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

APT trends report Q3 2024

Beyond the Surface: the evolution and expansion of the SideWinder APT group

Subscribe to our weekly e-mails