Bagle and other recent viruses (Was: warning - new trend of attempts to infect ISP users, possibly virus)
william(at)elan.net
william at elan.net
Fri Mar 5 06:24:35 UTC 2004
On Wed, 3 Mar 2004, Stephen J. Wilcox wrote:
> Perhaps I'm only following this as its affecting us more, but I dont recall a
> time previously when I've had so many viruses hitting us and getting thro our
> scanners with nothing we can do about it. I dont recall seeing viruses with
> variants as high as 'j' before, especially in the relatively short time since
> the previous variants were out
>
> Seriously, drop some references if I'm off-track.. its just my perception and
> I'm not an expert at all with viruses...
This might be an interesting reading on this point -
http://www.pcpro.co.uk/news/news_story.php?id=54437
"Rapid MyDoom, Bagle and Netsky variants do battle to control your computer
New variants of MyDoom, Bagle and Netsky arrive in quick succession as the
battle to control infected computers heats up.
Sophos has issued alerts this morning for MyDoom-G and H, Bagle-J and K
and Netsky F.
The worms are fighting for the control of infected computers which the
virus writers can use for their nefarious activities. Bagle-J contains the
text 'Hey,NetSky, [expletives removed], don't ruine our bussiness, wanna
start a war?'
'You wish that they would have this slagging match on a message board or
in a dark alley, rather than on the Internet,' said Graham Cluley, senior
technology consultant for Sophos. 'It's like an argument where everyone
wants the last word.' So the flood of viruses doesn't look likely to end
any time soon.
The text in Bagle-J supports the theories of antivirus companies that
virus writers are being given a financial incentive to write these worms -
perhaps by spammers who can send their emails through the infected
machines.
And indeed previous variants of Bagle and Netsky remove evidence of
infection by their rivals
..."
--
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list