Thursday, August 12, 2004

McAfee Warns On New Bagle.aq Virus

What is it?

W32/Bagle.aq@MM is a Medium Risk mass-mailing worm that tries to open a hacker backdoor on your PC.

Launched by code hidden inside a ZIP attachment, the virus spreads by emailing itself to stolen contacts and via popular file-sharing programs such as KaZaa, Bearshare and Limewire. It also tries to terminate anti-virus and other security software operation.

Up-to-date McAfee VirusScan users with DAT 4384 are protected from this threat.

Note: To fortify anti-virus defense against viruses that carry backdoor payloads, we recommend installing McAfee Personal Firewall Plus.


What should I look for?

FROM: Varies (spoofed)
SUBJECT: Blank
BODY: Examples: new price, The password is, Password:
ATTACHMENT: Examples: price.zip, price2.zip, price_new.zip

How do I know if I've been infected?

Communication Port 80 (TCP) open. Outgoing messages with noted body content and ZIP attachments.


Why am I receiving so many alerts?

It's our policy to notify McAfee customers or those who have opted-in to receive alerts of new viruses or serious variants (e.g., W32/Bagle.af@MM), which often come in waves.


How do I find out more?

View details about W32/Bagle.aq@MM here.

Links to this post:

Create a Link

<< Home