The Bagle Trojan is back, with multiple new variants
of the nasty little blighter being mailed out to people this week. There have been two waves of attacks this week, prompting many anti-virus vendors to immediately update their virus definitions.
The infected messages typically have a blank subject line, body text saying 'new price', and malicious file attachments such as '09_price.zip', 'price_new.zip', and 'price2.zip'. The attached ZIP files commonly contain a malicious file called price.exe, containing various variants of the Bagle Trojan.
The malware aims to switch off several security applications, with the ultimate goal of turning the machine into a botnet zombie. The Trojan also tries to download more code from the Internet. Spam technology is being used for distribution, in an attempt to maximise infection rates as soon as possible.