Experts at SophosLabs™, Sophos's global network of virus and
spam analysis centers, have warned computer users about a new
variant of the Bagle Trojan horse that is being spammed out to many
internet users via email.
The Troj/BagleDl-M Trojan horse disables anti-virus and security
software on the victim's computer, potentially opening it up to
infection by existing widespread viruses, and opening up the
computer for exploitation by hackers. The Trojan horse
additionally tries to prevent the infected computer from visiting
security websites, and contains the ability to download additional
malicious code from the internet.
Earlier this week, a series of other versions of the Bagle
Trojan horse were distributed widely on the internet.
"Just as businessmen speak of the synergy that can be created by
two companies coming together, so the criminal hackers behind this
Trojan are demonstrating the effectiveness of combining virus and
spam techniques," said Graham Cluley, senior
technology consultant for Sophos. "This latest member of the Bagle
family of Trojans and worms may fool the unwary and those who have
been lax about their virus protection into being infected. If you
are hit by this Trojan you are effectively putting your PC into the
hands of the hacking underground."
Sophos recommends that businesses ensure their computers are
kept automatically up-to-date with the very latest anti-virus
software. Sophos anti-virus products have been capable of detecting
the Troj/BagleDl-M Trojan horse since 12:52 p.m. EST on March 4,
Sophos also advises companies to adopt an email gateway policy
which can protect against new email threats, even before anti-virus
updates are available.