Panda Virus Alert: Bagle.FU {worm/trojan combo}

- The Bagle Trojan/worm combination strikes again-
Virus Alerts, by Panda Software (www.pandasoftware.com) ​

Madrid, December 15, 2005 - PandaLabs has reported the distribution of a new Trojan-worm combination, directed by a variant of Bagle, detected by Panda Software as Bagle.FU. This new threat is just the latest of many attempts to distribute variants of Bagle through combined attacks, using first a worm and then a Trojan. Both of these threats have, over the last few hours, caused numerous incidents reported by TruPreventTM Technologies in computers around the world. These technologies have kept users' systems out of the reach of these threats from the outset.

The attack begins with the distribution, in a series of emails, of the worm components of Bagle.FU, compressed in files with names like Edmund.zip, Elizabeth.zip, or Henrie.zip, among others. When these files are opened and run, they install the Trojan which automatically tries to download a file from a long list of URLs. They also open an image of the Windows logo as other threats have done previously.

"This is not a new strategy, but is nevertheless still effective as the worm/Trojan combination makes these attacks both powerful and rapid, which is why solutions based solely on signature files expose their users to a significant risk window. This is not the case with users of TruPreventTM Technologies", explains Luis Corrons, director of PandaLabs.

To help as many users as possible scan and disinfect their systems, Panda Software offers its free, online anti-malware solution, Panda ActiveScan, which now also detects spyware, at http://www.activescan.com. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free from http://www.pandasoftware.com/partners/webmasters.

For further information about these and other computer threats, visit Panda Software's Encyclopedia.