Security Strategy

Virus warning: Netsky appears as Bagle spreads

Mass mailers amassing, beware the classic one-two...

Tags: klez, mydoom, virus, worm

By Will Sturgeon

Published: 18 February 2004 16:30 GMT

Antivirus vendors worldwide have updated their warnings regarding Bagle.B to the highest levels, as the variant outstrips the performance of its predecessor.

But it's the sucker punch that may be delivered by a new arrival on the horizon - Netsky - that could really hit networks hard while administrators are all distracted by the Bagle variant.

F-Secure, Sophos and MessageLabs all upgraded Bagle.B to their highest alert level overnight, after the worm started to spread yesterday.

MessageLabs has so far stopped 92,000 instances of Bagle.B across 66 different countries, after it was first detected in Poland.

But while admins are fighting to safeguard their networks against Bagle.B, they may be leaving themselves open to a far more serious threat in the shape of Netsky, which shows signs of spreading at a similar rate.

While Bagle.B has outperformed expectations based on the simplicity of its programming, Carole Theriault, a security consultant at Sophos, believes the mass-mailing Netsky poses a greater threat.

"Netsky has a variety of subject lines, message text and attachments, making it more like Klez or MyDoom," said Theriault. The virus attachment also has double extensions - which thinly disguise its actual nature. While this is hardly rocket science, it is still more deceptive than the obvious .exe extension.

The virus also copies itself to shared folders - often taking a file name of a sexual nature - meaning it poses a risk to users swapping pornography via peer-to-peer services and network shares.

"I'm actually surprised that people are still clicking on the Bagle virus despite all the media and press attention," said Theriault. "But the added complexity of Netsky means it may well still catch out a lot of people."

"I'd be very surprised if it doesn't turn out to be worse than [the first] Bagle," she warned.

As ever, the advice in both instances is simple. Do not open files that you cannot vouch for and don't necessarily trust an email just because it comes from a known contact.
