Sophos detects the latest Bagle Trojans proactively

June 02, 2005 Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centers, have successfully protected against all the latest Bagle Trojans using proactive technology.

The latest Bagle Trojans, all of which are very similar to each other, attempt to infect insufficiently protected Windows computers. If infected, the Trojan will attempt to turn off anti-virus applications, delete files off the computer, drop more malware, download code from the internet and reduce system security.

Sophos has not received a large number of reports of any Bagle variant; however, when added together, they account for 13.9% of all reports in the last 48 hours. Trojans, not being able to spread on their own, require human intervention and normally depend on being spammed out or posted to newsgroups.

Sophos's proactive Genotype™ technology was capable of detecting the Trojan horse proactively (naming it as Troj/BagDl-Gen), defending customers' computers without requiring an update since 16 March 2005. Sophos PureMessage, Sophos's consolidated email gateway solution which defends businesses against both spam and viruses, can also block the spam messages sent by the Trojan horse.