Bagle (computer worm)

Bagle (computer worm)

Bagle (also known as Beagle) is a mass-mailing computer worm written in pure assembly and affecting all versions of Microsoft Windows. The first strain, Bagle.A, did not propagate widely. A second variation, Bagle.B is considerably more virulent.

Bagle uses its own SMTP engine to mass-mail itself as an attachment to recipients gathered from the victim computer. It copies itself to the Windows system directory (Bagle.A as bbeagle.exe, Bagle.B as au.exe) and opens a backdoor on TCP port 6777 (Bagle.A) or 8866 (Bagle.B). It does not mail itself to addresses containing strings such as "@hotmail.com", "@msn.com", "@microsoft" or "@avp".

The initial strain, Bagle.A, was first sighted on January 18, 2004. It was not widespread and stopped spreading after January 28, 2004.

The second strain, Bagle.B, was first sighted on February 17, 2004. It was much more widespread and appeared in large quantities; Network Associates rated it a "medium" threat. It is designed to stop spreading after February 25, 2004.

Subsequent variants have later been discovered. Although they have not all been successful, a number remain notable threats.

Since 2004, the threat risk from these variants has been changed to "low" due to decreased prevalence.

External links

* [http://vil.nai.com/vil/content/v_100965.htm Bagle] from McAfee
* [http://vil.nai.com/vil/content/v_101030.htm Bagle.B] from McAfee
* [http://www.symantec.com/security_response/writeup.jsp?docid=2004-071912-1847-99 Beagle] from Symantec


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • Netsky (computer worm) — Netsky is a prolific family of computer worms. The first variant appeared on Monday, February 16, 2004. The B variant was the first family member to find its way into mass distribution. It appeared on Wednesday, February 18, 2004. 18 year old… …   Wikipedia

  • Timeline of computer viruses and worms — Contents 1 1960–1969 1.1 1966 2 1970–1979 2.1 1 …   Wikipedia

  • Conficker — Common name Aliases Mal/Conficker A(Sophos) Win32/Conficker.A (CA) W32.Downadup (Symantec) W32/Downadup.A (F Secure) Conficker.A (Panda) Net Worm.Win32.Kido.bt ( …   Wikipedia

  • Storm botnet — The typical lifecycle of spam that originates from a botnet: (1) Spammer s web site (2) Spammer (3) Spamware (4) Infected computers (5) Virus or trojan (6) Mail servers (7) Users (8) Web traffic The Storm… …   Wikipedia

  • Operation: Bot Roast — is an operation by the FBI to track down bot herders, crackers, or virus coders who install malicious software on computers through the Internet without the owners’ knowledge, which turns the computer into a zombie computer that then sends out… …   Wikipedia

  • Sven Jaschan — (born April 29 1986) is the self confessed author of the NetSky and Sasser computer worms. History Jaschan lived in the village of Waffensen, Germany and attended a computer science school in nearby Rotenburg.The student admitted writing and… …   Wikipedia

  • Mega-D botnet — The Mega D, also known by its alias of Ozdok, is a botnet that at its peak was responsible for sending between 30% and 35% of spam worldwide.[1][2][3] On October 14, 2008, the U.S Federal Trade Commission, in cooperation with Marshal Software,… …   Wikipedia

  • BredoLab botnet — The BredoLab Botnet, also known by its alias Oficla,[1] was a Russian founded[2] botnet mostly involved in viral e mail spam. Before the botnet was eventually dismantled in November 2010 through the seizure of 143 command and control servers, it… …   Wikipedia

  • DoSnet — A DoSnet (Denial of Service network) is a type of botnet/malware and mostly used as a term for malicious botnets while benevolent botnets often simply are referred to as botnets. Dosnets are used for Distributed Denial of Service (DDoS) attacks… …   Wikipedia

  • Zeus (trojan horse) — Zbot redirects here. For the action figures, see Zbots. For other uses, see Zeus (disambiguation). Zeus is a Trojan horse that steals banking information by keystroke logging and Form Grabbing. Zeus is spread mainly through drive by downloads and …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”