CNET también está disponible en español.

Ir a español

Don't show this again

Christmas Gift Guide
Security

This week in worms

New variant of mass-mailing PC virus known as Bagle is making the rounds. Also: MySQL bot takes advantage of administrators' poor password choices.

Worms never die. They just temporarily fade away.

A new variant of the mass-mailing PC virus known as Bagle is making the rounds. The latest version of the malicious software, which some experts refer to as an e-mail worm, is rearing its head worldwide. Virus trackers in China, Japan, the United States and parts of Europe have reported instances of the threat.

The new offshoot, which it calls Bagle.AZ, is distributed as an e-mail attachment that cloaks itself as a delivery notification or confirmation. It uses "spoofed" e-mail addresses to appear to be from a known source.

Another worm that takes advantage of administrators' poor password choices has started spreading among database systems. The malicious program, known as the MySQL bot or by the name of its executable code, SpoolCLL, infects computers running the Microsoft Windows operating system and open-source database known as MySQL.

The worm gets initial access to a database machine by guessing the password of the system administrator, using common passwords. It then uses a flaw in MySQL to run another type of program, known as bot software, which then takes full control of the system.

One of the most popular online games is falling prey to a new pest that steals subscriber information. The LegMir-Y Trojan horse attempts to steal usernames and passwords for "Lineage," an online fantasy game with more than 4 million paying subscribers, mostly in Korea and other Asian nations. The pest also attempts to turn off antivirus software on an infected PC.

Led by "Lineage," online games have become a huge business in Asia, where millions of players pay fees of $15 to $20 a month to access fantasy universes.