Yesterday’s Bagles – how dangerous are they?

30 Oct 2004

minute read

Authors

Alexander Gostev

Yesterday was hot with two new Bagles let loose. The worms were mailed using spam methods in one of the largest mass mailings this year. I hope that the weekend will mean the outbreak will calm down.

The third Bagle we saw yesterday was almost identical to the first two, except for a mistake in the code: it can’t send copies over email. We put this variant in with Bagle.au, but may re-name it Bagle.av.

It is hard to see the difference between a mass-mailing and a real epidemic, so different AV companies gave the new Bagles different danger levels. We chose to stay at ‘medium risk’, for instance.

This incident confirms my idea that the Age of Worms is over. The new Bagles made news during the initial mass mailing, when they used zombie machines infected by Trojans.

The danger today is from botnets, not worms, and we are very concerned about this.

Authors

Alexander Gostev

Yesterday’s Bagles – how dangerous are they?

Latest Posts

Latest Webinars

Reports

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Yesterday’s Bagles – how dangerous are they?

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Zcash, or the return of malicious miners

IT threat evolution in Q1 2016

Adwind: FAQ

Agent.btz: a Source of Inspiration?

Kaspersky Security Bulletin 2013. Forecasts

Top 10 web application vulnerabilities in 2021–2023

Network tunneling with… QEMU?

An educational robot security research

A lightweight method to detect potential iOS malware

Operation Triangulation: The last (hardware) mystery

Latest Posts

Android malware, Android malware and more Android malware

Threat landscape for industrial automation systems. H2 2023

A patched Windows attack surface is still exploitable

What’s in your notepad? Infected text editors target Chinese users

Latest Webinars

The Future of AI in cybersecurity: what to expect in 2024

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

Reports

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

A cascade of compromise: unveiling Lazarus’ new campaign

How to catch a wild triangle

Subscribe to our weekly e-mails