Bagle.BC Continues Causing Incidents Worldwide – New Variants Appear

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

The Bagle.BC worm is increasing its already high rate of propagation, causing more and more incidents in users’ computers worldwide. Just a few hours after it appeared, it has made the top half of the ranking of the viruses most frequently detected by the online antivirus scanner, Panda ActiveScan. Even so, the number of incidents caused by this worm is expected to continue increasing and new variants are expected to emerge over the next few hours.

This has prompted Panda Software to declare a Red Virus Alert as a preventive measure, so that all users can protect themselves against these worms and prevent their computers from being infected. Similarly, companies also risk their communications being slowed down by the large number of emails that mail servers will have to process.

In addition to this worm, PandaLabs has detected the appearance of the two new variants, BD and BE, of the same worm. As with Bagle.BC, Panda Software clients that have already installed the new TruPrevent Technologies have preventive protection against these worms, as they were able to detect and block these new variants of the Bagle worm without needing to be able to identify them first.

Panda Software has made the corresponding updates available to its clients to detect and disinfect these new worms. What’s more, it has made its free PQRemove utility available to all users to effectively detect and eliminate Bagle.BC from computers affected by this worm. Users can download this utility from the following address http://www.pandasoftware.com/download/utilities/

With the appearance of these new variants, the objective of the authors of these worms is obvious: release the maximum number of malicious code to increase the huge probability of computers being hit by one of them. According to Luis Corrons: “this is a technique that is being used more often. Virus creators know that the reaction time to new threats is critical, and therefore, the faster they can release various viruses, the easier it is for users to take too long to update their system. This problem is resolved with our TruPrevent Technologies, which have blocked these new worms without users needing to do a thing.”

The new variants detected are very similar to Bagle.BC, a worm that spreads via email, networks and P2P applications like KaZaA. However, they do have some difference, such as the number of files they generate on the computers they infect.

The three new Bagle worms share the fact that they have been designed to end the processes belonging to antivirus and security applications running in memory. However, none of these worms can affect the functioning of the TruPrevent Technologies.

To prevent incidents involving the new variants of Bagle, Panda Software advises users to take precautions and to keep their antivirus software updated.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.