March 2nd, 2004, 12:19 PM
Yet another variant of the Bagle virus, this time with a twist.
ZIP files are a well-known way of getting past the "executable" stripping on firewalls. Bagle.I appears to take this one step further by randomly encrypting the ZIP file to thwart perimeter scanners, making it much harder to create a virus signature.
In addition, it does the usual stuff, backdooring port 2745, harvesting email addresses etc.
March 4th, 2004, 03:06 AM
Yeah, Bagle.H was the first one to do this. Most anti-viruses cannot scan encrypted, password-protected ones, so by default they don't try and let them through... causing a problem. I wonder how many variants will come out.
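
Added example, not part of either post above: a Python sketch of how a mail gateway could notice a password-protected ZIP attachment instead of passing it unscanned, by reading the encryption bit (bit 0 of the general-purpose flag) from each central directory entry. The function names, the quarantine policy and the sample archives are assumptions constructed for illustration.

```python
import io
import zipfile

ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose bit flag


def encrypted_entries(data: bytes) -> list:
    """Return the names of entries the central directory marks as encrypted."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist()
                if i.flag_bits & ENCRYPTED_FLAG]


def gateway_verdict(data: bytes) -> str:
    """Hypothetical policy: anything the scanner cannot open is held."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-zip"
    try:
        locked = encrypted_entries(data)
    except zipfile.BadZipFile:
        return "quarantine"  # malformed archive, cannot be inspected
    # Encrypted members cannot be signature-scanned, so hold the message
    # rather than letting it through by default.
    return "quarantine" if locked else "scan"


def constructed_sample(mark_encrypted: bool) -> bytes:
    """Build a one-entry ZIP in memory (constructed test input).

    The standard library cannot write encrypted archives, so the
    encryption bit is set by hand in both headers to imitate one.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("readme.txt", "constructed sample payload")
    raw = bytearray(buf.getvalue())
    if mark_encrypted:
        raw[6] |= ENCRYPTED_FLAG              # local file header flags
        cd = raw.find(b"PK\x01\x02")          # central directory header
        raw[cd + 8] |= ENCRYPTED_FLAG         # central directory flags
    return bytes(raw)


if __name__ == "__main__":
    for label, blob in (("plain", constructed_sample(False)),
                        ("locked", constructed_sample(True)),
                        ("text", b"hello")):
        print(label, gateway_verdict(blob))
```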