Two-wave Bagle Trojan attack launched

A spammer has struck with two waves of the BagleDL-U Trojan

Two waves of spam were launched this week using a new variant of the Bagle Trojan, according to antivirus company Sophos.

The BagleDL-U trojan tries to turn off antivirus and security software and block access to security Web sites, in an attempt to strip away a PC's immune system and allow hackers to gain access, Sophos said in a statement.

The two series of attacks bore strong similarities: the subject line was blank, the body message text was 'new price', and the malicious file attached could be identified with names such as '09_price.zip', 'price_new.zip', and 'price2.zip'.

"All computer users must avoid opening unsolicited email attachments, and ensure that their antivirus protection is up-to-date. Businesses should also consider blocking all executable code from entering their networks via email — most companies have no need to receive computer programs via this route, and it dramatically reduces the risk of infection," said Carole Theriault, senior security consultant at Sophos.