Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Bagle latches on to antispam ploy

Mar 15, 2004 4:26AM PST

Last modified: March 15, 2004, 9:12 AM PST
By Munir Kotadia
Special to CNET News.com

Three new Bagle variants discovered over the weekend differ from previous incarnations by using an antispam trick to try to avoid detection by antivirus software--but experts believe the attempt won't succeed.

The Bagle worm installs a back door on infected systems and could allow a machine to be used as an e-mail gateway for sending spam. Since the beginning of March, Bagle has arrived under the guise of an encrypted Zip file with a password included in the e-mail text. Within days, antivirus companies updated their products to look for the password and decrypt the Zip file.

But now the Bagle author has released three new versions (N, O and P) of the worm that produce the password in the form of a graphic or picture file, so a simple text scan of the infected e-mail will not find the password. This trick is commonly used by Web sites to hide e-mail addresses from Web bots that trawl the Internet looking for potential spam targets.

More: http://news.com.com/2100-7355_3-5173129.html?part=rss&tag=feed&subj=news

Discussion is locked