Updates aim to defuse Bagle ploy

Friday, 5 March 2004, 11:54 AM EST

Recent versions of the Bagle worm have bypassed corporate gateway security measures because they are distributed in password-protected Zip files, which are next to impossible for antivirus programs to scan. E-mails infected with the Bagle worm, however, contain the password required for opening the Zip file.

On Wednesday, antivirus vendors BitDefender and Kaspersky Labs both launched updates enabling their software to open any encrypted attachments using the password contained in the e-mail text. Once the file is decrypted, it is treated as an executable file and scanned normally.

Eugene Kaspersky, head of antivirus research at Kaspersky Labs, said: "This new technology protects users from a new generation of worms, specifically worms that hide in password-protected Zip files. Five worms using this technique appeared within only four days--a new trend has been set in the computer underground," he said.

By Munir Kotadia at ZDNet.

[ Read more ]

Related items




Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //