Old-School Bagle Worm Spotted in Modern Spam Campaigns
#1
Quote:Fresh mass-email campaigns spreading the long-running Bagle worm have recently been spotted, affecting Microsoft Windows machines. These appear to be a throwback to an earlier time.

Also referred to as Beagle, Bagel contains a backdoor that listens on TCP port 6777 which is hardcoded in the worm’s body. This backdoor component provides remote access to the infected computer and can be used to download and execute other malware from the internet.

The bad code was first seen in January 2004, and since then has morphed to spawn plenty of different variants. Despite having so many malware options to choose from, the latest campaigns are going old-school, according to researchers at Comodo, writing in a posting on Monday. They involve the use of the very first two variants of the worm, Bagle.A and Bagel.B.

These arrive in peoples’ inboxes in password-protected .zip files; the password is given to the victim in the body of the email. It’s a more simplistic approach than what’s been seen with some later Bagle variants that eschew the attachment tactic.

Source: https://threatpost.com/old-school-bagle-...ns/139746/
[-] The following 2 users say Thank You to silversurfer for this post:
  • Der.Reisende, harlan4096
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>