Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!
Register | Login
RIAA News
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
TV
Open Source
Mobiles
Advertising
Product News
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
p2pnet Digests
Search: 
Search
 
Web P2PNET   
   Search: 
Search
Torrent Site Tracker
MP3Rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code
p2pnet - rss feed: http://p2pnet.net/p2p.rss | p2pnet celebrities: http://p2pnet.net/celeb.rss | Mobile? http://p2pnet.net/index-wml.php

New Bagle on the loose

p2p news / p2pnet: Admins, block http access from your network to endoliteindia.com, warns F-Secure.

Why? It’s a hacked web server in India.

“We saw a new Bagle run start tonight,” says the company blog. “As usual, it was started by posting a new, undetected downloader to one of the dozens of URLs the already-infected Bagle machines are constantly polling.

“The difference this time is that every four minutes the link returns a different binary. Different size, different MD5. This is accomplished by repacking the same file with ASProtect again and again.

“endoliteindia.com”.

F-Secure says it was detecting these as W32/Bagle.GI, and the contents keep changing, and by way of an update, “At around 19:45 GMT, the download link died,” says the post.

Also See:
blog - New Bagle, new trick, March 30, 2006

This entry was posted on Friday, March 31st, 2006 at 1:20 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2024 times

« previous Net safety 101
Cell phone, brain tumour link next »

Leave a Reply
    Advertisments
TekSavvy