New Bagle Worm Spreads Over Internet Disguised As Calculator, Warns Sophos

Sophos, a world leader in protecting businesses against spam and viruses, is warning of a new worm called Bagle-A (W32/Bagle-A). Following many reports in Australia, Sophos has already started to see multiple reports coming from the UK and other countries, and users are advised to be cautious of emails received over the weekend with the subject line “Hi”.

The Bagle-A worm arrives as an email message which talks about a test and has an attachment – a program file with a random name. This file which can pretend to be the Windows calculator, opens a security hole in the infected user’s computer which can be exploited by hackers.

“As users come back to work after the weekend they are at risk of finding the malicious Bagle worm in their email inbox,” said Graham Cluley, senior technology consultant for Sophos. “The worm pretends to be a “techie looking” test email to fool people into running the dangerous attachment – not knowing they are potentially giving hackers the power to run destructive code on their computer.”

“Computer users should be wary of any programs delivered by email even if they seem to come from a known contact. If you email programs around, you should get out of this habit now, as it encourages bad security practice,” continued Cluley.

Sophos has published further information and protection against this worm: http://www.sophos.com/virusinfo/analyses/w32baglea.html

Sophos recommends the use of email gateway software, which can block all programs, whether infected or not, in order to enforce safe computing practices.