New Bagle variant seen in the wild

After an initial outbreak of the virus, the infection seems to be slowing. Antivirus software companies late yesterday and early today began warning e-mail users that the persistent Bagle virus has re-emerged in a new version, Bagle.AF or Beagle.AB.

The virus comes in the form of a password-protected .zip file and has the password included in the message body as plain text or within an image. According to antivirus company F-Secure Corp. in Helsinki, Finland, Bagle.AF has functionality similar to that of Bagle.Z, indicating that the author of Bagle.AF had Bagle.Z’s source code. The first Bagle virus, which spread throughout the Internet via infected e-mail messages and by targeting machines running Microsoft Corp.’s Windows operating system, was discovered in January. Since then, it has continually been popping up with new variants and has been given a plethora of names by the various antivirus companies. In March, a variant — which had three names: Bagle.U, W32/Bagle.n@MM and W32/Beagle.m@MM — struck the Internet and foiled users with a small bitmap image to escape detection by antivirus programs.

OODA Analyst