Yesterday, the latest variant of the Bagle worm began to spread online. Many antivirus companies are warning that many new versions of their worms will appear soon.
The new virus is called Bagle.AI or Bagle.Ag, according to the naming of network security companies. It is capable of spreading via e-mail as an attachment and will immediately attack the user when activated. This variant is very similar to previous versions but uses a different compression format that aims to "bypass" antivirus engines.
"Once the code has been released, it will facilitate the hacker's attack and float the new variant," said Oliver Friedrichs, director of Symantec's Rapid Response Center.
Bagle.AI appears as an attachment and "raids" computers running the Windows operating system. It exploits the victim's e-mail address and then hides in the message addressed to all targeted addresses. Like its predecessor, the virus seeks to shut down more than 250 security programs on its victim machine while trying to contact one of the 150 disabled German websites (double the number of addresses). which variants advance contact). These are pre-established websites, containing hacker software that statisticically counts how many computers have been infected by Bagle.
Symantec has raised the alert level of Bagle.AI to level 3 in their 5-step alarm scale. & Nbsp;
The latest Bagle worm variant is the fourth version detected by antivirus companies in just one week. In early July, the author of this worm floated a version that contained source code and computer commands. As a result, the virus will be "born". Security companies insist that the move will help authors launch more advanced variants
