SECURITY

Bagle Variant Rolls Through Security Holes

Print Version
E-Mail Article
Reprints

By Jay Lyman
TechNewsWorld
Part of the ECT News Network
08/10/04 2:42 PM PT

In an earlier era, a worm like Bagle would be released, then a few variants of that worm would follow. The new trend is for virus writers to "seed" their viruses by releasing a handful of variants at the same time, iDefense analyst Ken Dunham said. These tsunami-like attacks are intended to overwhelm antivirus software.


Entering European Markets: A Challenging but Real Opportunity
Although the U.S. has a large Internet population, 79 percent of all Web users are now outside the U.S. Online retailers have viable options for entering into international expansion mode, particularly with respect to European markets. [Download PDF: 6 pgs | 686k]

Computer viruses and variants have been known to reemerge after a lull in activity, but the latest case, the Bagle.aq virus, highlights continued security problems. Many users are unaware that they are acting as a relay for malicious code, spam and more.

The threat level for Bagle.aq was raised by antivirus giant McAfee Latest News about McAfee, which said that the virus -- a descendent of the relentless string of Bagle, Netsky and MyDoom worms that slowed the Internet and confounded virus fighters earlier this year -- was spreading primarily among home users.

Security experts said that both the number and the danger of variants -- which now include built-in SMTP spamming engines, as well as Trojans that allow future access -- continue to rise, leaving the Internet community as a whole at greater risk.

"They [virus writers] know as well as we know that there are thousands of machines out there that are not protected," McAfee AVERT vice president Vincent Gulotto told TechNewsWorld.

Growing Virus Families

In an earlier era, a worm would be released, then a few variants would follow. The new trend is for virus writers to "seed" their viruses by releasing a handful of variants at the same time, iDefense Latest News about iDefense director of malicious code Ken Dunham said. These tsunami-like attacks are intended to overwhelm antivirus software.

"We've seen a dramatic increase in waves of attack and multivariant families," Dunham told TechNewsWorld. "When there are multiple variants and they are randomized, it makes it difficult to identify them and know what you're dealing with."

Dunham added that sharing of virus code and collaboration among virus writers is also increasing.

Woes of Worm War

The new Bagle variant makes clear that the viruses that infected machines and clogged Internet traffic last year still account for the bulk of viruses in circulation, Dunham said.

McAfee's Gulotto said that security experts had confronted "wars" in the past, but nothing to compare with what played out last March and April, when virus writers exchanged barbs using variants of the three nasty worms.

Search and Spread

Gulotto said most worms today do not damage data or machines, but rather commandeer PCs to spread themselves further or send spam.

"The number [of virus writers] is going to grow as the Internet grows," Dunham said. "As the use of the Internet, the complexity and integration continue to grow, so does the evolution of hacking."

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Jay Lyman   RSS

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]