Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bagle/Beagle Variant Includes Source Code

Posted by timothy on from the let's-call-it-shared-source dept.

NASAdude writes "Sunday brought a lot of fireworks... and the release of two new Bagle/Beagle variants. One of the variants includes a copy of its source code as an attachment as it spreads via email. It is expected the inclusion of the source will result in numerous variants. It's been dubbed Beagle.Y and Beagle.Z by Symantec and Bagle.ad and Bagle.ae by McAfee. ZDNet ran a story that covers these new variants."

8 of 219 comments (clear)

  1. Re:Scripting exploit by I+confirm+I'm+not+a · · Score: 5, Insightful

    VBscript or WSH which is inherently Open Source on Windows?

    <nitpick>Open-source is a type of licensing; VBScript is a language, and WSH a technology, not licensing regimes. Typically the source-code for a VBScript app is distributed with the application, but not necessarily - it might be obfuscated - but might well be subject to proprietary licensing restrictions.

    Just because you can see the source code doesn't make it open source. Open source implies certain freedoms that are additional to being able to see the code: the right to modify and redistribute the code, for example.

    </nitpick>

    --
    This is where the serious fun begins.
  2. That's to make prosecution more difficult by Advocadus+Diaboli · · Score: 5, Insightful

    So far you could spot a viurs author by the "evidence" that he had the source code of the virus on his PC. Now everybody has the source. I guess we need bigger jails soon.

  3. Re:ouch by mpost4 · · Score: 3, Insightful
    Read teh artical, it says it is commented to help people understand what is going on aka think of this

    (example given in MIPS since it is the only assembler I know)


    li $24 1025 # this line loads into the register 24
    ## the port to be explorted (in this case port 1025)

    well think about this the kiddy scripter does not need to know that li is load imedate but all he needs to know is 24 is the register, do not touch, and 1025 is the port, change to a new port to try.
  4. this is not news by ajs318 · · Score: 3, Insightful

    All it means is that there are still clueless people using computers. I already know that. Sometimes I think it's a damn shame viruses can't do the kind of real, permanent damage that shocks a clue into people -- if there is such a thing. For once I'm actually wishing for a SCO story.

    Please, please, please, I know I'm preaching to the choir here, but please, for crying out loud, please if anyone ever asks you about buying a new computer, just point them towards the nearest Apple authorised reseller. If they complain about the price, point out that the inherent usability and security designed into Mac OS X from the ground up will more than pay for itself in terms of not cursing and screaming at the damn thing every time you boot it up. If that doesn't work, mention that Macs are prettier. If that still doesn't work, give them six months tops before you're saying "I told you so".

    Windows may be popular but that doesn't make it any good.

    --
    Je fume. Tu fumes. Nous fûmes!
  5. Another one bites the dust... by mindmaster064 · · Score: 3, Insightful

    I'm so glad my entire network is running Linux. :) I swear there is some major virus every goddamn week. Linux has it's own problems, but I am glad I can do something about them. I wonder how long it will take for businesses to realize that running around chasing exploits and viruses isn't a good way to make use of your technical support staff time.

    -Mind

  6. Re:Pretty please by anon*127.0.0.1 · · Score: 3, Insightful

    Oddly enough, had something like that happen to one of our agents. He called in to complain that he couldn't get any work done. Every few seconds, his PC would pop up a little window saying "Scanning outgoing EMail" and lock up for a moment. Then the window would disappear and everything would be back to normal. Until the window reappeared.

    Turned out he'd picked up a mass mailing virus. He had Norton AV installed, but hadn't wanted to pay to keep his virus defs updated. Norton was scanning every outgoing EMail, but didn't see anyting it recognized and let them all pass through.

    I told the guy he'd have to pay to update his virus defs in order to fix the thing. Actually, Norton offers a free remover for that particular virus, but I didn't want the guy calling me back in another two weeks with a different virus.

    --
    I am NOT a man!
    I am a free number!
  7. Re:CVS w by mwood · · Score: 4, Insightful

    *sigh* Please don't release another anti-virus-virus. The last one was at least as much a pain as the one it was supposed to cure.

  8. Re:ouch by JAD+lifter · · Score: 3, Insightful

    Does it also point out where to get an assembler? I suspect that'll be a barrier of entry for a lot of kiddies.

    I cannot tell if you are being sarcastic or serious so I will assume that you are serious.
    Just about every skript kiddiot out there has a copy of MASM, TASM and/or NASM on his machine. If you do not believe me then you are underestimating the average skript kiddy. Go hang out in some script kiddy message boards or especially IRC and you will see that they may be obnoxious little scum but they are not quite as naive and incompetant as you make them out to be.