Mass mailers amassing, beware the classic one-two...
Published: 18 February 2004 16:30 GMT
Antivirus vendors worldwide have updated their warnings regarding Bagle.B to the highest levels, as the variant outstrips the performance of its predecessor.
But it's the sucker punch that may be delivered by a new arrival on the horizon - Netsky - that could really hit networks hard while administrators are all distracted by the Bagle variant.
F-Secure, Sophos and MessageLabs all upgraded Bagle.B to their highest alert level overnight, after the worm started to spread yesterday.
MessageLabs has so far stopped 92,000 instances of Bagel.B across 66 different countries, after it was first detected in Poland.
But while admins are fighting to safeguard their networks against Bagle.B, they may be leaving themselves open to a far more serious threat in the shape of Netsky, which shows signs of spreading at a similar rate.
While Bagle.B has outperformed expectations based on the simplicity of its programming, Carole Theriault, a security consultant at Sophos, believes the mass-mailing Netsky poses a greater threat.
"Netsky has a variety of subject lines, message text and attachments, making it more like Klez or MyDoom," said Theriault. The virus attachment also has double extensions - which thinly disguises its actual nature. While this is hardly rocket science, it is still more deceptive than the obvious .exe extension.
The virus also copies itself to shared folders - often taking a file name of a sexual nature - meaning it poses a risk to users swapping pornography via peer-to-peer services and network shares.
"I'm actually surprised that people are still clicking on the Bagle virus despite all the media and press attention," said Theriault. "But the added complexity of Netsky means it may well still catch out a lot of people."
"I'd be very surprised if it doesn't turn out to be worse than [the first] Bagle," she warned.
As ever, the advice in both instances is simple. Do not open files that you cannot vouch for and don't necessarily trust an email just because it comes from a known contact.
Shout it from the rooftops people...
DONT CLI...
Bob
I simply wish to register my thanks for your enlig...
Chuka Madu
"I'm actually surprised that people are still clic...
Anonymous
In the last 12 years I have used Macs every day an...
Anonymous
In the last 12 years I have used Macs every day an...
Jacob Allred
Head of Conservation (Wildlife / Nature Projects)Edinburgh30,000 - 35,000 (relocation package may be available)Our client is a membership-based ...
It is a function of the role to support converting proof-of-concepts into implementations as a consultant.The role also encompasses acting as the key ...
Knowledge of Microsoft Internet and Acceleration (ISA) Server 2006, Sophos Anti virus for Unix and Netscreen ScreenOS is required.Ideally you will be ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business