Macktez: Beagle: New Windows Worm

Beagle: New Windows Worm

Pete Curtner wrote this on Wednesday, February 18, 2004 at 10:58 AM.

Leave a Comment - 1 left to date.
Print - For a simpler, printing-friendly view.

More about us
News - There are a few things about us, our friends, and our clients that we'd like you to know.
The Firm - Our address and telephone numbers.
Anyone will do - Send a note to us right now.

Look for something here

The latest critical Windows worm is a new variant called Bagle.B (or Beagle). (It does not run on the Mac, but it can still hijack Mac email addresses and affect us with other problems, like previous Windows worms.)

NAME: Bagle.B
ALIAS: I-Worm.Bagle.B, WORM_BAGLE.B, W32.Beagle.B@mm, W32/Tanx.A, W32/Yourid.A, W32.Alua@mm, Win32.HLLM.Strato
SIZE: 11264
F-Secure is upgrading Bagle.B worm to Level 1, as it keeps spreading rapidly. It arrives in email with random subject and attachment name with an EXE extension. The worm installs a backdoor that listens on port 8866. Bagle.B worm has been programmed to stop spreading on February 25th.
Found on 17th of February 2004, Bagle.B is a variant of the successful Bagle. As its predecessor it is mass-mailing worm. The worm sends messages with the subject 'ID [random string]... thanks' and random EXE attachment names. It also installs a backdoor.

Comments

Noah [02/19/2004 18:44]: Note these links to the official Network Associates (who dubbed it "W32/Bagle.b@MM") and Symantec (who dubbed it "W32.Beagle.B@mm") pages.


Content & Design © 2004 Macktez Corporation