Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have warned
users about a new version of the Bagle worm which poses as a
lawsuit against the recipient.
The W32/Bagle-DO worm spreads
in emails with subject lines such as "Pay your debts before we come
to you", "Call to your lawer immidiately", "Lawsuit against you,"
and "We wait your response". The emails urge the recipient to open
the attached file (which can be called lawsuit.exe, explanation.exe
or documents.exe), but if it is executed the worm installs itself
on the PC and looks for other computers to infect via email and
peer-to-peer file-sharing systems.
The worm chooses from a variety of messages to send, all
claiming to be about different types of legal action. Messages
include one that claims the recipient's company sent an unsolicited
commercial fax without permission. Another claims the recipient's
company conducted an unsatisfactory car service which resulted in a
fire.
A typical message sent by the Bagle-DO
worm.
"People who receive this viral email won't necessarily believe
that it was intended for them or their company, of course, but they
may wish to advise the apparent sender that they have sent the
message to the wrong person. If anyone opens the attached file,
however, they risk infecting their computer and passing on the pox
to others," said Graham Cluley, senior
technology consultant for Sophos. "Internet users need to be more
careful about what emails they trust, and which files they choose
to open on their PC. Proper security like up-to-date anti-virus
software is a must. With more malware being written than ever
before, unwary computer users are risking putting their data at
risk."
The Bagle-DO worm also attempts to spread via P2P file-sharing
systems as nude pictures of actress Kate Beckinsale, or erotic
photographs of celebrity hotel heiress Paris Hilton and pop starlet
Britney Spears.
Sophos has been protecting businesses against the W32/Bagle-DO
worm since 01:30 GMT on 3 March 2006, but has so far not seen a
large number of reports of the malware spreading in the wild.
Companies are recommended to protect their email with a consolidated solution to thwart the virus, spyware
and spam threats and secure their desktops and servers with
automatically updated anti-virus protection.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.