Watch Out for "Bagle's"

In these days of firewalls, spyware stoppers and self-updating anti-virus software, you'd think one could finally cruise the internet relatively worry free. Trouble is, hackers and pornographers keep finding ways into your system, thanks to security flaws in software, and good old-fashioned ingenuity. Case in point - a new e-mail threat designed specifically to get around existing protections - and it's probably in your e-mail, right now.

Like most so-called "worms", the new "Bagle" variants, have "spoofed" addresses, pulled from your own hard drive, to make you think they're from someone you know. And, they send themselves using those same addresses, to people who know you. But there are some big differences.

In addition to carrying attachment forms not previously known to carry viruses, new Bagle's come password protected:  "the idea is that that antivirus programs can't scan a password-protected archive." And these embedded passwords aren't typed in - they're bitmap files, photos, again designed to escape anti-virus detection. You see a familiar sender, and an attachment "passed" by your virus software, so you open it - "gotcha" - you've opened quite a can with these worms.

They place themselves, under false names, in folders that are likely to be shared across networks - and across file-sharing systems like Kazaa; they can actually turn off anti-virus software and firewalls; can stop system configuration programs like msconfig and regedit that could be used to remove them; they infect every .exe files they can find, so you re-infect your system, even after you cleaned it, simply by loading a program; and, they open back-doors to allow access, even through firewalls. Perhaps worst of all, all this clever deception probably foretells even sneakier viruses to come.

What do you do about it? The usual advice applies:  "Don't open e-mail attachments unless you're absolutely certain they're real, and update anti-virus software daily."