Bagle.AT virus is no joke

F-Secure has issued a level-two alert for the latest version of the Bagle virus, which contains bogus attachments named 'joke.cpl', 'prices.exe' and 'runme.exe'
Written by Dan Ilett, Contributor

Antivirus companies are issuing a high-level warning about the latest version of the Bagle virus, which disables a range of computer security settings.

Bagle.AT is similar to previous examples of the virus, and sends emails containing the attachments 'joke.cpl', 'prices.exe' and 'runme.exe', according to antivirus company F-Secure.

"We've had several reports all over the world," said director of antivirus research for F-Secure Mikko Hyppönen. "When it spreads naturally, it makes it harder to detect. This is not just travelling as a result of spamming."

F-Secure said that the virus has been given a level-two threat, the second highest threat level the company issues.

The virus exploits email addresses from infected computers and uses an SMTP code to send more infected emails with spoofed sender addresses.

Hyppönen added that the virus currently beats antivirus products, so users would need to update their computers. He said that control panel applet files (CPLs) work like executable files, which activate the virus.

The previous version of the virus, Bagle.AS was discovered exactly a month ago on September 29th. Hyppönen said this was strange.

Editorial standards