[virusinfo] Virus writers exchanging information

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Tue, 08 Mar 2005 09:53:34 -0800

From; Kaspersky General News. Tuesday, March 08, 2005

1. Virus writers exchanging information
2. Security Rules

****

1. Virus writers exchanging information

Virus analysts at Kaspersky Lab have been investigating the recent Bagle
outbreak, and come to the conclusion that the authors of Bagle, Zafi and
Netsky are working hand in hand with each other.

SpamTool.Win32.Small.b, a malicious program which harvests email
addresses from infected machines, was first detected by Kaspersky Lab
analysts on 15th February. Email addresses of antivirus companies are
excluded from the list it compiles. Further analysis of the situation
reveals that the mass mail of this program was a preliminary stage in
the attack carried out by Bagle on 1st March.

In researching the Bagle outbreak, virus analysts have concluded that
the authors of Bagle, Zafi and Netsky and others are working closely
together; they may not be personally known to each other, but they are
all using information provided by the author of Bagle to mass mail their
creations.

In the space of just 2 days, approximately 50 modifications of a range
of malicious programs were mass mailed. The timing of these mailings
clearly shows that they are automated or semi-automated.

These recent events confirm the trend towards the criminalisation of the
Internet. And likely as not, events will continue to evolve in such a
way: network attacks are now automated, take place in several stages,
and are carefully timed and planned. The authors of malicious code are
joining forces, exchanging information and techniques, in order to
increase the impact of attacks.



**
1. Write to us at: webmaster@xxxxxxxxxxxxx 


2. Security Rules

Please note that Kaspersky Labs news messages are sent only in plain text
format and never under any circumstances do they include file attachments.
If you receive an email not meeting these strict guidelines, please do not
open it under any circumstances. Instead, forward it to Kaspersky Labs
technical support (support@xxxxxxxxxxxxx) so its contents can be examined.

If you experience any problems with this procedure, please contact us at:
webmaster@xxxxxxxxxxxxx

****

Best regards,

Kaspersky Labs

-----
10 Geroyev Panfilovtcev St.
125363, Moscow,
Russia
tel/fax:  +7 (095) 797 87 00
http://www.kaspersky.com
ftp://ftp.kaspersky.com
webmaster@xxxxxxxxxxxxx

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Virus writers exchanging information

1. Home
2. virusinfo
3. Archive
4. 03-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---