[Virus Alert] 2 new worms found
Worm name: WORM_BAGLE.EN
Risk rating: HIGH
Damage Potential: HIGH
Distribution Potential: HIGH
Description:
This worm propagates by sending copies of itself as an attachment to email messages that it sends to target recipients, using its own Simple Mail Transfer Protocol (SMTP) engine. Through the said SMTP engine, it is able to easily send email messages even without using other mailing applications, such as Microsoft Outlook.
It is also capable of propagating via peer-to-peer (P2P) networks. It drops copies of itself in folders whose names contain the string SHAR. This worm does this routine under the assumption that the folder is used in P2P applications, since these applications usually require a folder with names such as My Shares, or Shared Music.
Worm name: WORM_BAGLE.EV
Risk rating: HIGH
Damage Potential: HIGH
Distribution Potential: HIGH
Description:
This worm propagates by sending copies of itself as an attachment to email messages that it sends to target recipients, using its own Simple Mail Transfer Protocol (SMTP) engine. Through the said SMTP engine, it is able to easily send email messages even without using other mailing applications, such as Microsoft Outlook.
It is also capable of propagating via peer-to-peer (P2P) networks. It drops copies of itself in folders whose names contain the string SHAR. This worm does this routine under the assumption that the folder is used in P2P applications, since these applications usually require a folder with names such as My Shares or Shared Music.
These copies are named after popular applications and actresses, to entice users into downloading and executing the said files.
References: http://www.trendmicro.com/vinfo/ (TrendMirco Virus Security Info)
http://www.trendmicro.com/vinfo/zh-tw/default.asp (Traditional Chinese TrendMicro Virus Security Info
