New Improved Bagle Worm Win32.Glieder! Now with Win32.Fantibag and Win32.Mitglieder
6/6/2005


Not content to just do its normal wormly dirty work, a new variation on the infamous Bagle worm, Win32.Glieder, brings with it two companion Trojans, Win32.Fantibag and Win32.Mitglieder (literally, in German, “with Glieder”).

Said Chris Thomas, a security architect with Computer Associates, “We’ve seen blended threats before where a virus uses several methods to spread, but not like this.”

In fact, this version of Bagle is so different that it warranted a brand new name of its own, the “Glieder” designation.

Win32.Glieder starts out like any other worm - mass-emailing itself to everyone on its host’s address book list. But then the tagalong Trojan Win32.Fantibag disables the host computer’s antivirus software update mechanism, and the second tagalong Trojan, Win32.Mitglieder, disables any firewalls and antivirus software that it can, and, according to TechNewsWorld, hijacks and subjugates the infected machine, making it part of an ever-expanding botnet. A botnet, in this context, is a collection of compromised PCs connected to the Internet which are used remotely by spammers and others to send spam, launch denial of service attacks, and carry out other malicious Internet-related activities.

Win32.Glieder may, but does not necessarily, show up as an email attachment called “price.zip”.

To protect yourself against Win32.Glieder, make sure that your anti-virus software is up-to-date and that your latest update includes a definition for Win32.Glieder. And of course never, never open an unexpected or unfamiliar attachment.


1 Comment »

  1. Have the A/V companies only JUST realised this is in the wild?!?! I’ve spent countless hours over the last 3 months cleaning up exactly this infection. What’s worse (for a computer tech) is that it typically requires rebuilding the infected machine after the infection, because even removing the cause doesn’t repair all the collateral damage this beastie does to its host machine.

    Comment by The PC Mechanic — 6/9/2005 @ 8:08 am

 
The Internet Patrol
Patrolling the Internet for You!