New e-mail worm on the creep

An unwelcome bagel is spoiling the morning for growing numbers of e-mail systems administrators.

A new mass-mailing worm, known as W32/Bagel-A or just Bagel.A, spread rapidly in past weeks in Europe and began showing up in the United States in mid-January.

According to iDefense Inc. of Reston, Va., Bagel.A crossed the Atlantic and quickly began spreading, resulting in more than 50,000 interceptions before Martin Luther King Jr. day was over.

The worm contains the subject "Hi" and the message text reads "Test)".

"There's nothing particularly enticing about the message sent out by Bagel, yet it spreads with very good success in the wild," said Ken Dunham, director of malicious code at iDefense. "It appears that being brief and saying little, even if the content is vague and scarce, is a highly effective method for spreading malicious code."

Bagel also contains a spoofed "from" address and a 15.87K executable attachment with a random file name. When executed, the attachment attempts to create the file BBEAGLE.EXE in the Microsoft Windows System directory, disguising itself with the Microsoft calculator icon. It mass-mails itself to addresses harvested from the compromised computer.

Macintosh, Linux and Unix systems are unaffected by the new worm.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.