Educause Security Discussion mailing list archives
Virus warning - Bagle.C
From: Jason Richardson <A00JER1 () WPO CSO NIU EDU>
Date: Fri, 27 Feb 2004 18:49:46 -0600
Bagle.C is out and none of the AV vendors have solid signatures for it yet. We saw it on our campus before there was any word of it that I am aware of. For those of you using McAfee, NAI has a superdat that picks it up available here - http://a64.g.akamai.net/7/64/2015/2004-02-20-05/download.nai.com/products/mcafee-avert/101059a.exe . Here's a brief write up: --- Jason Richardson, J.D., CISSP, CISM, CNE Manager, IT Security and Client Development Enterprise Systems Support Northern Illinois University Voice: 815-753-1678 Fax: 815-753-2555 jasrich () niu edu
<technical () cdg-group com> 2/27/2004 6:33:32 PM >>>
Virus Notification WORM_BAGLE.CA Service of CDG, Inc.February 27, 2004 This Bulletin is to inform you of a virus threat that has been classified as a medium alert virus Virus Info Name: WORM_BAGLE.C Type: Worm Risk:Medium Synopsis: This is an early warning notification, not all technical details and attack vectors have yet been analysed for this worm. This malware is compressed in zip format so until further details are available for the malware we suggest blocking or quarantining zip files. This memory-resident worm propagates by mass-mailing copies of itself using SMTP (Simple Mail Transfer Protocol). The email message it sends out contains the following details: Sample: Subject: price-;ist From: %random% Attachement: ddcbcdbd.zip This malware runs on Windows 95, 98, ME, NT, 2000 and XP. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Virus warning - Bagle.C Jason Richardson (Feb 27)