Menu
Beagle variant found

Beagle variant found

Symantec has identified a new variant of the Beagle worm -- W32.Beagle.AB@mm.

Symantec has upgraded this threat to Level 3 due to increased submission rates from both corporate and consumer customers.

To date, Symantec has received a total of 66 submissions -- 17 from corporate customers.

W32.Beagle.AB@mm is a mass-mailing worm that opens a backdoor on TCP port 1080 and uses its own SMTP engine to spread through e-mail.

The source code is embedded in the worm, and may arrive in an e-mail or in an attached message.

If a machine becomes infected with W32.Beagle.AB@mm, it will allow the attacker to have remote, unauthorized access to the machine.

Due to the ability of the remote user to perform so many different actions on the server system -- including installation of applications -- it is highly recommended that compromised systems be re-installed.

The threat also creates a mass mailing of itself, which may clog mail servers and downgrade system performance.

Symantec Security Response recommends that ICT administrators filter attachments not on a list of approved types at the e-mail gateway, and apply the Outlook E-mail Security Update (Q262631) in order to block user access to certain attachment types.

This update will also notify the user of applications attempting to access the Outlook address book.

"We have seen numerous variants of the Beagle family in the last six months; however, W32.Beagle.AB@mm appears to be spreading rapidly, outpacing the last several variants," says Patrick Evans, regional manager at Symantec Africa.

"This threat is impacting both consumers and business alike, so all users should be taking steps to ensure that their systems are protected," he syas. Symantec strongly advises users not to open e-mails from unknown sources, and to keep all anti-virus definitions up to date.


Follow Us

Join the newsletter!

Or
Error: Please check your email address.
Show Comments