-
March 2nd, 2004, 01:19 PM
#1
Bagle.I
Yet another variant of the Bagle virus, this time with a twist.
ZIP files are a well-known way of getting past the "executable" stripped on firewalls. Bagle.I appears to take this one step further by randomly encrypting the ZIP file to thwart perimeter scanners, making it much harder to create a virus signature.
In addition, it does the usual stuff, backdooring port 2745, harvesting email addresses etc.
http://www3.ca.com/virusinfo/virus.aspx?ID=38462
-
March 4th, 2004, 04:06 AM
#2
Yeh, Bagle.H was the first one to do this. Most anti-viruses cannot scan encrypted-password protected ones so by default they dont try and let them through...causing a problem. I wonder how many variants will come out.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|