Sophos detects the latest Bagle Trojans proactively

Sophos Press Release

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centers, have successfully protected against all the latest Bagle Trojans using proactive technology.

The latest Bagle Trojans, all of which are very similar to each other, attempt to infect insufficiently protected Windows computers. If infected, the Trojan will attempt to turn off anti-virus applications, delete files off the computer, drop more malware, download code from the internet and reduce system security.

Sophos has not received a large number of reports of any Bagle variant; however, when added together, they account for 13.9% of all reports in the last 48 hours. Trojans, not being able to spread on their own, require human intervention and normally depend on being spammed out or posted to newsgroups.

Sophos's proactive Genotype™ technology was capable of detecting the Trojan horse proactively (naming it as Troj/BagDl-Gen), defending customers' computers without requiring an update since 16 March 2005. Sophos PureMessage, Sophos's consolidated email gateway solution which defends businesses against both spam and viruses, can also block the spam messages sent by the Trojan horse.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at