Yesterday’s Bagles – how dangerous are they?

30 Oct 2004

minute read

Authors

Alexander Gostev

Yesterday was hot with two new Bagles let loose. The worms were mailed using spam methods in one of the largest mass mailings this year. I hope that the weekend will mean the outbreak will calm down.

The third Bagle we saw yesterday was almost identical to the first two, except for a mistake in the code: it can’t send copies over email. We put this variant in with Bagle.au, but may re-name it Bagle.av.

It is hard to see the difference between a mass-mailing and a real epidemic, so different AV companies gave the new Bagles different danger levels. We chose to stay at ‘medium risk’, for instance.

This incident confirms my idea that the Age of Worms is over. The new Bagles made news during the initial mass mailing, when they used zombie machines infected by Trojans.

The danger today is from botnets, not worms, and we are very concerned about this.

Authors

Alexander Gostev

Yesterday’s Bagles – how dangerous are they?

Latest Posts

Latest Webinars

Reports

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.

We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.

While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020.

Yesterday’s Bagles – how dangerous are they?

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Zcash, or the return of malicious miners

IT threat evolution in Q1 2016

Adwind: FAQ

Agent.btz: a Source of Inspiration?

Kaspersky Security Bulletin 2013. Forecasts

Business on the dark web: deals and regulatory mechanisms

IoC detection experiments with ChatGPT

Come to the dark side: hunting IT professionals on the dark web

Who tracked internet users in 2021–2022

The state of cryptojacking in the first three quarters of 2022

Latest Posts

The state of stalkerware in 2022

The mobile malware threat landscape in 2022

Spam and phishing in 2022

IoC detection experiments with ChatGPT

Latest Webinars

ChatGPT – good or evil? AI impact on cybersecurity

Crimeware and financial predictions for 2023

Advanced persistent threat predictions for 2023

Reversing mobile threats in 2022

Reports

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

BlueNoroff introduces new methods bypassing MoTW

Ransomware and wiper signed with stolen certificates

DeathStalker targets legal entities with new Janicab variant

Subscribe to our weekly e-mails