Virus writers' penchant for modifying the source code for the program has
resulted in four new variants--Bagle.Q, Bagle.R, Bagle.S and Bagle.T--in the
past two days, antivirus firms said on Thursday.
The viruses attempt to use an ActiveX
vulnerability, discovered in August, to automatically upload and run
a program on the victim's computer, without needing the user to run a file. The
viruses pose a threat to Windows users who have not updated their operating
system since the patch came out in August.
"It is definitely a new thing that is involved," said Oliver Friedrichs, a senior manager in Symantec's security response team. "Most of the vulnerabilities used in the past have the program as part of the virus."
The four new variants of the virus, which Symantec calls "Beagle," add to the slew of slightly modified programs attempting to infect Internet users. Virus writers have used the Bagle, NetSky and MyDoom worms to attempt to gain control of large numbers of PCs. Comments in some of the programs have led researcher to believe that the authors of at least two of the worms are competing against each other.
The latest Bagle variants add an infection mechanism, which uses a flaw in Windows that was patched in August. PC users who haven't updated the operating systems could, upon viewing an e-mail message containing the virus, cause their system to download and run a malicious program.
However, many of the Web sites that had acted as locations from which to download the attack code have been taken offline, said Friedrichs.
Play video
There are currently no comments for this post.