Updates aim to defuse Bagle ploy

Friday, 5 March 2004, 11:54 AM EST

Recent versions of the Bagle worm have bypassed corporate gateway security measures because they are distributed in password-protected Zip files, which are next to impossible for antivirus programs to scan. E-mails infected with the Bagle worm, however, contain the password required for opening the Zip file.

On Wednesday, antivirus vendors BitDefender and Kaspersky Labs both launched updates enabling their software to open any encrypted attachments using the password contained in the e-mail text. Once the file is decrypted, it is treated as an executable file and scanned normally.

Eugene Kaspersky, head of antivirus research at Kaspersky Labs, said: "This new technology protects users from a new generation of worms, specifically worms that hide in password-protected Zip files. Five worms using this technique appeared within only four days--a new trend has been set in the computer underground," he said.

By Munir Kotadia at ZDNet.

[ Read more ]

Related items




Spotlight

You've been breached, now what?

Everybody tends to think that hackers will never ever target them or their company/organization until a breach occurs. This article concentrate on post-incident actions and provide some advice on what to do after you have been hacked.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Jul 6th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //