Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
Antivirus software companies began warning e-mail users this week that the persistent Bagle virus has re-emerged in a new version, Bagle.AF or Beagle.AB.
The virus comes in the form of a password-protected .zip file and has the password included in the message body as plain text or within an image. According to antivirus company F-Secure of Helsinki, Bagle.AF has quite similar functionality to Bagle.Z, which appears to indicate that the author of Bagle.AF had Bagle.Z's source code.
The first Bagle virus, which spreads throughout the Internet via infected e-mail messages and by targeting machines running Microsoft's Windows operating system, was discovered in January.
Since then it has continually been popping up with new variants, and given a plethora of names by the various antivirus companies. In March, a variant--with three names: Bagle.U, W32/Bagle.n@MM, and W32/Beagle.m@MM--struck the Internet and foiled users with a small bitmap image to escape detection by antivirus programs.
Risk Assessment
F-Secure upgraded Bagle.AF to its "Radar Level 2" alert early Friday morning after receiving several samples of it from infected users in North America and Europe, according to Mikko Hyppönen, the director of antivirus research at F-Secure.
"The beginning of the outbreak looked pretty bad, as the initial burst of infections was big and worldwide," Hyppönen says in an e-mail response to questions. "However, since then the amount of infections has leveled out and we don't expect this to become any bigger problem. It seems that the virus was seeded much more aggressively than some of the other recent Bagle variants."
Trend Micro, based in Tokyo, rated the risk from the Bagel variant as "medium," though it says the damage and distribution potentials of the virus are high.
McAfee, in Santa Clara, California, raised its risk assessment to "medium-on-watch" and warned it had the potential of being upgraded to a high-risk threat. The company says, that as of late Thursday, it had received over 100 reports of the virus, most of which came from the U.S.
Symantec upgraded its warning on what it is calling W32.Beagle.AB@mm to a "Level 3" after it received 66 submissions of infections from customers, 17 of those being from corporate customers.
