Bagle.LA is a worm that connects to several web pages to download a list of email server IP addresses. Like all the other worms in the Bagle family, Bagle.LA uses that information to spread by email massively and infect as many users as possible. Also, Bagle.LA can be downloaded by the Mitglieder.MF Trojan onto computers.
Mitglieder.MF, besides downloading Bagle.LA to systems, prevents users from starting up their computers “in safe mode”. and uses rootkit techniques to hide its malicious actions, making it more difficult to detect. This Trojan is difficult to recognize at a glance, as it displays no messages or warnings to alert of its presence. On certain occasions, Mitglieder.MF reaches computers in a file that tries to pass itself off as a crack (a program patch that modifies the behavior of the original software). In these cases, there could be clear symptoms of the Trojan’s presence on the system, such as a video file icon.