Results 1 to 2 of 2

Thread: Bagle.I

  1. #1

    Bagle.I

    Yet another variant of the Bagle virus, this time with a twist.

    ZIP files are a well-known way of getting past the "executable" stripped on firewalls. Bagle.I appears to take this one step further by randomly encrypting the ZIP file to thwart perimeter scanners, making it much harder to create a virus signature.

    In addition, it does the usual stuff, backdooring port 2745, harvesting email addresses etc.

    http://www3.ca.com/virusinfo/virus.aspx?ID=38462

  2. #2
    Senior Member deftones12's Avatar
    Join Date
    Jan 2003
    Location
    cali forn i a
    Posts
    333
    Yeh, Bagle.H was the first one to do this. Most anti-viruses cannot scan encrypted-password protected ones so by default they dont try and let them through...causing a problem. I wonder how many variants will come out.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •