latest microsoft windows worm on the creep

  • Thread starter Thread starter Daeron
  • Start date Start date
D

Daeron

New mass-mailing worm on the creep
William Jackson Jan 20 2004


[..]

A new mass-mailing worm, known as W32/Bagel-A or just Bagel.A, began
spreading rapidly over the weekend in Europe.

[..]

Bagel.A began spreading late Sunday and by early Monday morning more
than 50,000 interceptions had been made.

[..]

“There’s nothing particularly enticing about the message sent out by
Bagel, yet it spreads with very good success in the wild,

[..]

“It appears that being brief and saying little, even if the content is
vague and scarce, is a highly effective method for spreading malicious
code.”

http://www.washingtontechnology.com/news/1_1/daily_news/22533-1.html
 
I received thisvirus twice within the last week. Both times were sent
from the same computer, but with different names. Norton caught them
both, as they came in. I have notified the ISP that they originated
from and I hope they follow up.

I am on a mailing list from a friend who sends me jokes periodically.
Both of the names that showed up on this virus were from people on
that list. While I have advised this friend of the dangers of using
multiple people in the To: or the CC: field, it fell on deaf ears.

The effectiveness of e-mail viruses are increased by 1. people who
don't have a virus checker. 2. people who do not regularly update
their virus definitions, 3. people who use the To: or CC: when doing a
mass mailing.

I advise my customer's and friends to update and use their anti-virus
programs at least once a week and to use Bcc: for multiple mailings.
Every little bit helps


New mass-mailing worm on the creep
William Jackson Jan 20 2004


[..]

A new mass-mailing worm, known as W32/Bagel-A or just Bagel.A, began
spreading rapidly over the weekend in Europe.

[..]

Bagel.A began spreading late Sunday and by early Monday morning more
than 50,000 interceptions had been made.

[..]

“There’s nothing particularly enticing about the message sent out by
Bagel, yet it spreads with very good success in the wild,

[..]

“It appears that being brief and saying little, even if the content is
vague and scarce, is a highly effective method for spreading malicious
code.”

http://www.washingtontechnology.com/news/1_1/daily_news/22533-1.html
Click to expand...
 
The effectiveness of e-mail viruses are increased by 1. people who
don't have a virus checker. 2. people who do not regularly update
their virus definitions, 3. people who use the To: or CC: when doing a
mass mailing.
Click to expand...

Add to that "people who execute attachments that they have no
real reason to execute (and many reasons not to)." A virus
checker really won't help much if the worm is unknown to it,
so having one and keeping it updated (which is a good idea)
usually has little effect on a new worm. Number one on your
list should be the one I suggested, as it is the most effective
and important one.

The blind carbon copy suggestion is also a good one since
many worms harvest addresses from mailboxes.
 
FromTheRafters said:
Add to that "people who execute attachments that they have no
real reason to execute (and many reasons not to)." A virus
checker really won't help much if the worm is unknown to it,
so having one and keeping it updated (which is a good idea)
usually has little effect on a new worm. Number one on your
list should be the one I suggested, as it is the most effective
and important one.

The blind carbon copy suggestion is also a good one since
many worms harvest addresses from mailboxes.
Click to expand...

Do these worms harvest email addresses from messages or from the address
book?

If it's from the address book then using BCC will make no difference.
 
Trog Dog said:
Do these worms harvest email addresses from messages or from the address
book?
Click to expand...

Both, plus many other places as well. For instance Swen searches
..html, .asp, .eml, .dbx, .wab, and .mbx files.
If it's from the address book then using BCC will make no difference.
Click to expand...

Without using Bcc, everyone will have everyone elses addresses in their
inbox folder which most worms will harvest from. Some of these worms
don't require that the victim even have an address book (or mail client).
 
Quoth the raven named Trog Dog:
Do these worms harvest email addresses from messages or from the
address book?
Click to expand...

Answer: some do and some don't. Most of the new, more sophisticated
worms look all over your hard drive.
If it's from the address book then using BCC will make no
difference.
Click to expand...

The object of using BCC is to keep your address from being found on as
many other people's computers as possible.
 
Back
Top