Sophos Warns of Bagle-KL Worm
Sophos has warned of a new worm, dubbed Bagle-KL. The worm spreads as a ZIP email attachment.
Sophos has warned of a new worm, dubbed Bagle-KL. The worm spreads as a ZIP email attachment.
The file has an encrypted password. The password is generated randomly and is conveyed to the user as an embedded image in the email.
The worm spreads by email using subject lines randomly chosen from 118 different names that are programmed into its code.
According to Sophos, the names include:
– Ann
– Anthonie
– Constance
– Emanual
– Frances
– Geoffraire
– Harrye
– Humphire
– Judith
– Margerie
– Michael
– Nicholas
– Robert
– Winifred
– Johen
– Thomas
When the ZIP file is run, the worm attempts to deactivate security applications on a computer and downloads further malicious codes from websites. These websites are based in Poland, Russia or the Czech Rebublic.
Sophos is a provider of threat management solutions. Sophos offers protection against threats, including known and unknown malware, spyware, intrusions, unwanted applications, spam and policy abuse.
LINKS:
For more information on the worm and for a screenshot of the email, click here.
For more information on the company, visit Sophos.
Comments are closed.
