Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customise your settings, hit “Customise Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences

Necessary. Always active Read more

These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.
Tailored Advertising. Read more

These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.
Analytics. Read more

These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

Customise Settings

Security

Bagle copycat builds Zombie attack network

Apprentice worm

John Leyden Fri 16 Jul 2004 // 10:09 UTC

Virus writers have released a new version of the Bagle worm, on the back of the source code released into the wild earlier this month.

Bagle-AF (AKA Bagle-AB or the 'Apprentice' worm) is spreading quickly across the Net, following its release yesterday. Most anti-virus firms rate it as medium risk.

The new Bagle worm was made using source code which came with the payload of the Bagle-AA (confusingly, some firms refer to this as Bagle-AE) worm earlier this month. Including the source code in a virus is like adding DIY instructions for apprentice hackers, since it makes it easier for the less-skilled to make many more versions of new viruses.

Bagle-AF opens a path for intruders to relay bulk email messages through infected PCs. The worm tries to contact one of 141 compromised German websites to let its creators know which PCs it has infected. The worm leaves open a backdoor on compromise computers, which can then be used to spread spam or as zombie drones in DDoS attack networks.

The latest variant of Bagle is little different from its predecessors. Like the other it normally arrives in email as an attached file. It can also spread over P2P networks.The worm can arrive in the form of a password-protected .ZIP file, with the password included in the message body of an infected email or within an attached image. Earlier versions of Bagle used the same trick.

On infection, the worm begins emailing out copies of itself to any email addresses it finds on compromised PCs. Bagle-AF also tries to stop a range of security applications from running, along with any copies of NetSky it finds (continuing a long-running spat).

Standard defence precautions apply against virus attacks from all versions of the worm: users should update their AV signature definition files to detect the virus and resist the temptation to open suspicious looking emails. ®

Related stories

Bagle source code unleashed
Phatbot arrest throws open trade in zombie PCs
Zombie PCs spew out 80% of spam
Virus writers in malicious code hide-and-seek
War of the worms turns into war of words (NetSky vs Bagle)

Corrections Send us news

Other stories you might like

Experimental WebAssembly port of LibreOffice released

Try it in your browser

Liam Proven in Prague Sat 19 Feb 2022 // 08:34 UTC

Almost exactly a year after we last covered it, an experimental version of LibreOffice compiled to WebAssembly (nicknamed LOWA) has appeared.
Be warned, it's about 300MB, so it takes a while to load, but you can try it here in your browser.
It's based on the still-prototype LibreOffice 7.4 codebase and is not yet ready for production use. Given that LibreOffice is a large codebase, parts of which are decades old, this is a significant vindication of WebAssembly. There's more info on the port here, from a presentation by Thorsten Behrens at FOSDEM 2022, which took place this month.

Continue reading
Linux Snap package tool fixes make-me-root bugs

Or you could think of them as a superuser password reset function

Gareth Corfield Sat 19 Feb 2022 // 00:15 UTC

The snap-confine tool in the Linux world's Snap software packaging system can be potentially exploited by ordinary users to gain root powers, says Qualys.
Snap was developed by Ubuntu maker Canonical, and can be used with Ubuntu and on other Linux distributions, if one so wishes, to install applications and services. According to infosec biz Qualys, which found and reported the security shortcomings, there are two ways Snap's internal program snap-confine can be exploited to gain superuser privileges:

Continue reading
CISA publishes list of free security tools for business protection

Agency quiet on the selection criteria but at least the price is right

Thomas Claburn in San Francisco Fri 18 Feb 2022 // 20:08 UTC

The US Cybersecurity and Infrastructure Agency (CISA) has published a web catalog of free cybersecurity resources in the hope that those overseeing critical infrastructure can use the tools to better secure their systems.
"CISA is super proud to announce the start of a new catalog of free resources available to those critical infrastructure owners and operators who would benefit from tools to help their security and resilience," said CISA director Jen Easterly in a statement.
"Many organizations, both public and private, are target rich and resource poor. The resources on this list will help such organizations improve their security posture, which is particularly critical in the current heightened threat environment."

Continue reading

Adobe warns of second critical security hole in Adobe Commerce, Magento

As sanctioned Russian infosec firm says it has working exploit code

Gareth Corfield Fri 18 Feb 2022 // 19:20 UTC

Adobe has put out a warning about another critical security bug affecting its Magento/Adobe Commerce product – and IT pros need to install a second patch after an initial update earlier this week failed to fully plug the first one.
You need to apply both patches, in order.
The new vuln has also been assigned a severity rating of the 9.8 on the CVSS scale – the same as its predecessor, for which Adobe issued an out-of-bounds patch earlier in the week. It's tracked as CVE-2022-24087 and – like the earlier vuln, CVE-2022-24086 – impacts both Magento Open Source and Adobe Commerce.

Continue reading
HPE, Samsung invest in quantum startup Classiq

Signs that interest in the market is ramping up

Dan Robinson Fri 18 Feb 2022 // 18:21 UTC

Quantum computing startup Classiq has raised $33m in a Series B funding round from investors including HPE and Samsung, a sign that interest in the emerging market may be stirring.
Tel Aviv-based Classiq provides a platform to help developers with algorithm design work for quantum software. The firm contends that coding at the quantum gate level works today, when most quantum systems only support a relatively small number of qubits and code is largely experimental, but this approach will not scale once algorithms start to require more than a few qubits.
Classiq has previously secured seed funding from Entrée Capital, which was then joined by Wing VC, Team8, IN Venture and OurCrowd in a $10.5m Series A round at the start of 2021.

Continue reading
GNOME Project retires OpenGL rendering library Clutter

RIP. You brought hardware-accelerated 3D to many Linux programs

Liam Proven in Prague Fri 18 Feb 2022 // 17:32 UTC

The GNOME Project has announced that it's retiring the Clutter library, the tool that bought OpenGL-based hardware rendering to Linux in 2006.
Clutter was originally written by now-Intel subsidiary OpenedHand and in its day was a widely used library, enabling GObject-based C code to draw user interfaces using OpenGL.
It brought hardware-accelerated 3D to a lot of Linux programs, including the Mutter window manager (Metacity + Clutter) used by GNOME Shell, System76's COSMIC desktop and Raspberry Pi's PIXEL. The Cinnamon desktop uses a fork of Mutter called Muffin.

Continue reading

UK starts to ponder how Huawei ban would work

Sanctions already in place, blockade set to be rolled into telecoms law

Lindsay Clark Fri 18 Feb 2022 // 16:23 UTC

Updated The British government has started a consultation to find ways to legally remove the equipment of telecoms giant Huawei from its 5G networks by the end of 2027.
Proposals include asking full-fibre broadband operators to stop installing Huawei equipment affected by US sanctions. UK telecoms providers have already begun to remove Huawei from the UK's 5G networks following a government announcement in July 2020.
The US has retained its opposition to using the Chinese manufacturer's equipment in essential infrastructure. Although the policy began under controversial Republican president Donald Trump, it has survived the transition to Democrat Joe Biden, who signed The Secure Equipment Act on Thursday. In 2020, Trump extended his executive order banning US companies from using or buying telecoms equipment from Chinese manufacturers Huawei and ZTE.

Continue reading
Should we expect to keep communication private in the digital age?

Reg writers and readers wrangle over rights and realities

Joe Fay Fri 18 Feb 2022 // 15:21 UTC

Register Debate Can you have a debate on privacy without mentioning Orwell and 1984 or Bentham's Panopticon?
You can certainly try, which is just what our contributors did this week, when they went head to head on the motion: In the digital age, we should not expect our communications to remain private.
I kicked off proceedings, pointing out that, according to the UN amongst others, privacy is not just nice to have, but a human right and that of course this extends to digital communications.

Continue reading
HPE, Qualcomm team for virtualized 5G network kit

Pair aim to deliver the industry's first fully optimised vDU

Dan Robinson Fri 18 Feb 2022 // 15:02 UTC

HPE continues edge into telecoms, and is now working with Qualcomm to on hardware for 5G networks, specifically a next generation of 5G distributed units based on HPE servers and Qualcomm's 5G RAN (radio access network) accelerator cards to support high capacity and low-latency workloads.
The two firms said that this new collaboration aims to meet the demands of next-generation networks, and will focus on delivering high-performance, cloud-native, OpenRAN-compliant 5G solutions for network operators.
HPE and Qualcomm said they hoped to deliver the industry's first fully optimised virtualized distributed unit (vDU) solution, where a DU includes both the baseband processing and RF functions in 5G network deployments.

Continue reading
IT vendors set to use headline inflation to justify price hike

It shouldn't affect costs, but it will, says software asset management intel org

Lindsay Clark Fri 18 Feb 2022 // 14:10 UTC

Analysis Both the UK and the US have recorded the highest inflation figures for decades. With inflation in the Eurozone hitting similar levels, the news is set to mark the end of more than a decade of ultra-low interest rates in the West.

Continue reading
Internet connection now required for Windows 11 Pro Insider setup

No more local accounts on bleeding-edge build, and you need a Microsoft account too

Richard Speed Fri 18 Feb 2022 // 12:58 UTC

Microsoft has slapped an internet connectivity requirement on the Dev Channel version of Windows 11 Pro setup and warned that a Microsoft account will be required for future builds in the Insider programme.
The notification was dropped in at the end of the impressively long list of tweaks in build 22557, of which the most eye-catching for us was the updated Task Manager.
In all honesty, we didn't notice until we put the build on a sacrificial Intel PC and noticed something different during the out-of-box experience (OOBE). Scroll down the epic list of changes in this build, and there it is:

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Biting the hand that feeds IT © 1998–2022

Your Consent Options Cookies Privacy Ts&Cs