3 March 2006
Bagle-DO mass-mailing worm threatens lawsuit
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned users about a new version of the Bagle worm which poses as a lawsuit against the recipient.
The W32/Bagle-DO worm spreads in emails with subject lines such as "Pay your debts before we come to you", "Call to your lawer immidiately", "Lawsuit against you," and "We wait your response". The emails urge the recipient to open the attached file, which can be called lawsuit.exe, explanation.exe or documents.exe. If the attachment is executed, the worm installs itself on the PC and looks for other computers to infect via email and peer-to-peer file-sharing systems.
The worm chooses from a variety of messages to send, all claiming to be about different types of legal action. Messages include one that claims the recipient's company sent an unsolicited commercial fax without permission. Another claims the recipient's company conducted an unsatisfactory car service which resulted in a fire.

A typical message sent by the Bagle-DO worm.
"People who receive this viral email won't necessarily believe that it was intended for them or their company, of course, but they may wish to advise the apparent sender that they have sent the message to the wrong person. If anyone opens the attached file, however, they risk infecting their computer and passing on the pox to others," said Graham Cluley, senior technology consultant for Sophos. "Internet users need to be more careful about what emails they trust, and which files they choose to open on their PC. Proper security like up-to-date anti-virus software is a must. With more malware being written than ever before, unwary computer users are risking putting their data at risk."
The Bagle-DO worm also attempts to spread via P2P file-sharing systems by posing as nude pictures of actress Kate Beckinsale, or erotic photographs of celebrity hotel heiress Paris Hilton and pop starlet Britney Spears.
Sophos has been protecting businesses against the W32/Bagle-DO worm since 01:30 GMT on 3 March 2006, but has so far not seen a large number of reports of the malware spreading in the wild.
Companies are advised to protect their email with a consolidated solution that thwarts virus, spyware and spam threats, and to secure their desktops and servers with automatically updated anti-virus protection.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

