New variants of the Bagle worm have added devious tricks to circumvent defenses and persist on infected computers. The two new versions of Bagle, tagged as Bagle.n and Bagle.o, were spotted over the weekend. They use several new tactics to squeeze by anti-virus defenses, among them packaging their payloads in password-protected .rar compressed files. Unlike earlier editions of Bagle, which tried to circumvent anti-virus software by placing the worm payload into an encrypted .zip archive, the new Bagles may also use a different archive format, .rar, a file type that consumers are unfamiliar with and enterprises may not block at the gateway. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.