By Вen Li
A new wave of worms spreading on the Internet this week is attempting to trick users to help it spread.
Messages infected with Bagle.j may claim to be from “the ucalgary.ca team,” use an official-looking subject line regarding users’ e-mail accounts and contain a message stating something is wrong with users’ e-mail accounts. Launching the attached file, as instructed by the body of the message, will infect the local computer and potentially spread the Bagle.j to e-mail users in the address book.
On Tue., Mar. 2, University of Calgary IT Security temporarily blocked e-mail messages with attached file types that could be infected by viruses and worms. In addition, on Wed., Mar. 3 they notified users of a potential new Bagle variant which is sending messages allegedly from addresses such as “[email protected]” and “[email protected]” about erroneous e-mail account difficulties as described above.
In addition to mailing itself to e-mail addresses harvested from infected computers, Bagle.j notifies its creators who may then access infected computers for malicious purposes or to send spam.
Antivirus software publishers posted emergency updates on their websites to detect and remove Bagle.j and related worms. Rumours the recent activity is a result of a contest to create the fastest-spreading worm have not been confirmed.