Bagle and other recent viruses (Was: warning - new trend of attempts to infect ISP users, possibly virus)

william(at)elan.net william at elan.net
Fri Mar 5 06:24:35 UTC 2004


On Wed, 3 Mar 2004, Stephen J. Wilcox wrote:

> Perhaps I'm only following this as its affecting us more, but I dont recall a 
> time previously when I've had so many viruses hitting us and getting thro our 
> scanners with nothing we can do about it. I dont recall seeing viruses with 
> variants as high as 'j' before, especially in the relatively short time since 
> the previous variants were out
> 
> Seriously, drop some references if I'm off-track.. its just my perception and 
> I'm not an expert at all with viruses...

This might be an interesting reading on this point - 
http://www.pcpro.co.uk/news/news_story.php?id=54437
"Rapid MyDoom, Bagle and Netsky variants do battle to control your computer

 New variants of MyDoom, Bagle and Netsky arrive in quick succession as the 
 battle to control infected computers heats up.

 Sophos has issued alerts this morning for MyDoom-G and H, Bagle-J and K 
 and Netsky F.

 The worms are fighting for the control of infected computers which the 
 virus writers can use for their nefarious activities. Bagle-J contains the 
 text 'Hey,NetSky, [expletives removed], don't ruine our bussiness, wanna 
 start a war?'

 'You wish that they would have this slagging match on a message board or 
 in a dark alley, rather than on the Internet,' said Graham Cluley, senior 
 technology consultant for Sophos. 'It's like an argument where everyone 
 wants the last word.' So the flood of viruses doesn't look likely to end 
 any time soon. 

 The text in Bagle-J supports the theories of antivirus companies that 
 virus writers are being given a financial incentive to write these worms - 
 perhaps by spammers who can send their emails through the infected 
 machines.

 And indeed previous variants of Bagle and Netsky remove evidence of 
 infection by their rivals
 ..."

-- 
William Leibzon
Elan Networks
william at elan.net




More information about the NANOG mailing list