Press Releases

Browse our press release archive

20 Sep 2005

Second wave of attack: new Bagle Trojans spammed out today, Sophos reports

Second wave of Bagle Trojan horse attacks spammed to millions of email addresses.

SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned that for the second day running a hacker is spamming multiple new versions of the Troj/BagleDl-U Trojan horse to millions of email addresses around the world.

The attacks were spreading across the net between 15:00 and 22:00 (GMT) yesterday, and a new phase began again at approximately the same time today. All of the different versions of the Trojan horse attempt to turn off anti-virus and security software, and block access to security websites, in an attempt to allow hackers to gain access to infected computers.

The latest series of malicious messages have strong similarities to yesterday's onslaught: the subject line is blank, the body message text is 'new price', and the malicious file attached can be identified with names such as '', '', and ''.

"This is the second massive email attack phase from this hacker in two days - the creator is obviously intent on infecting as many people as possible," said Carole Theriault, senior security consultant at Sophos. "All computer users should avoid opening unsolicited email attachments, and ensure that their anti-virus protection is up to date. Businesses should also consider blocking all executable code from entering their networks via email - most companies have no need to receive computer programs via this route, and it dramatically reduces the risk of infection".

Sophos is currently protecting its customers against these new threats.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at