Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bagle/Beagle Variant Includes Source Code

Posted by timothy on from the let's-call-it-shared-source dept.

NASAdude writes "Sunday brought a lot of fireworks... and the release of two new Bagle/Beagle variants. One of the variants includes a copy of its source code as an attachment as it spreads via email. It is expected the inclusion of the source will result in numerous variants. It's been dubbed Beagle.Y and Beagle.Z by Symantec and Bagle.ad and Bagle.ae by McAfee. ZDNet ran a story that covers these new variants."

25 of 219 comments (clear)

  1. CVS by BenBenBen · · Score: 4, Funny

    beagle.sourceforge.net doesn't have it :(

    --
    The Slashdot Paradox: "100% Overrated"
    1. Re:CVS by dave_mcmillen · · Score: 5, Funny

      Laugh if you will, but I for one applaud this new era of open source viruses . . . Wait . . . Oops, my "open source = good" reflex was triggered before my brain had a chance to think about it.

  2. Pretty please by Anonymous Coward · · Score: 5, Funny

    Can someone please make a variant that makes users regret not patching their systems? Like, overwrite the BIOS, turn ones into twos in all spreadsheet documents, delete all JPGs, MP3s and AVIs, send a resignation to boss@yourdomain.com and a log of your online banking transactions to the FCC, donate 10 bucks each to the KKK and THEN put up a screen which lists all that.

    1. Re:Pretty please by ObsessiveMathsFreak · · Score: 5, Interesting

      A much better solution would be to turn the computer into a spam zombie that only spams itself. After a few thousand spam messages from themselves cloud their inbox, they might actually realise, "Oh, This IS annoying!"

      --
      May the Maths Be with you!
    2. Re:Pretty please by JosKarith · · Score: 4, Funny

      Nope. The best idea would be to search for .mp3's, or .jpg's that have a lot of "flesh tones" and corrupt them.
      After all, killing someone's OS is annoying, but deleting someone's pr0n collection is tantamount to declaration of war.
      Either that or randomly e-mail samples from said collection out as well as copies of itself with a header "Do you know what has hidden on his computer?"
      I really shouldn't be giving people ideas should I...

      --
      'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
  3. How long... by rjw57 · · Score: 4, Funny

    How long until SCO sues Bagle's author for copyright infringement....

    --
    Rich
  4. Shared source by Snaapy · · Score: 5, Funny

    Funny.

    If you try to google Bagle assembler "source code"

    you'll get

    Microsoft shares source code with students - ZDNet UK News

  5. Re:ouch by DrEldarion · · Score: 4, Funny

    It's okay, the source code is in assembler, so all the script kiddies will just look at it in confusion like it's some strange alien language.

  6. Re:Scripting exploit by I+confirm+I'm+not+a · · Score: 5, Insightful

    VBscript or WSH which is inherently Open Source on Windows?

    <nitpick>Open-source is a type of licensing; VBScript is a language, and WSH a technology, not licensing regimes. Typically the source-code for a VBScript app is distributed with the application, but not necessarily - it might be obfuscated - but might well be subject to proprietary licensing restrictions.

    Just because you can see the source code doesn't make it open source. Open source implies certain freedoms that are additional to being able to see the code: the right to modify and redistribute the code, for example.

    </nitpick>

    --
    This is where the serious fun begins.
  7. Re:Title by rjw57 · · Score: 4, Informative

    You mean the UK Universities which made Beagle2 ?

    Not everything space-related is NASA you insensitive clod! :)

    --
    Rich
  8. That's to make prosecution more difficult by Advocadus+Diaboli · · Score: 5, Insightful

    So far you could spot a viurs author by the "evidence" that he had the source code of the virus on his PC. Now everybody has the source. I guess we need bigger jails soon.

  9. Seen it... by lachlan76 · · Score: 4, Interesting

    Seem Familiar?

    In all seriousness, having the source code can't be a bad thing, since this way, it'll be easier to stop if we understand how it works.

    And at least if we all get a virus, there is a good programmer behind it, and it's less likely to crash on all of us.

    Normally I'd consider virus writers the scum of the earth, but this one is talented enough to be a professional hacker, from my limited experience with assembly language (512 byte boot sector on a FD). Not that I endorse email worms, but this guy has talent.

  10. The real question is... by atomic-penguin · · Score: 4, Funny

    What license is it released under?

    --
    /^([Ss]ame [Bb]at (time, |channel.)){2}$/
  11. Something I shoulda Done by PakProtector · · Score: 5, Interesting

    This just brings to mind an idea I've had for a long time now. And it's in no way an unique idea, I know that for a fact.

    So here's the idea: Write a variant of one of these viruses. And he's what it does. When it infects a machine, it sends out copies of itself to every person in the address book. After that, it forces the machine to download some sort of Anti-Virus software. PC-Cillin or NOD32 are favorites of mine. It installs them, then forces a Windows Update.

    Sounds good, right? But read on. My second idea is better.

    Here it is:
    Viral Anti-Virus Software.
    Most virus recognition is based on Pattern Recognition, from what I have garnered from my research. Create a virus that spreads like wildfire -- kind of like Melissa and Code Red spread all crazy-fast -- except this little bit of code contains Virus Recognition software in it. It invades unprotected boxen and then starts a continuous scan for Viruses.

    You know how most people click 'Yes!' to anything that pops up, a la Gator?

    Have this little golden nugget of Illegal Do-Gooding pop up a small dialog saying, "File.Extention is infected with a virus (XX% Probability). Do you wish to delete? Y/N?"

    And just to hold with custom:
    Step One: Create Virus.
    Step Two: JAIL!
    Step Three: PROFIT!

    --

    Edward@Tomato - /home/Edward/ man woman
    man: no entry for woman in the manual.
    "Qua!?"

    1. Re:Something I shoulda Done by Anonymous Coward · · Score: 5, Informative

      There have been several "anti-virus viruses" that didn't quite work, and ended up being a major pain to deal with.

  12. Re:Title by akadruid · · Score: 5, Funny

    Not everything space-related is NASA you insensitive clod! :)
    You can tell NASA's attempts from UK Universities with this simple test.
    Did space object in question:
    a. Crash and burn due to problems with the metric system or
    b. Vanish without trace

    If a then object is of NASA origin, if b, then non-NASA.
    Hope this helps clear up any confusion.

    --
    "Those who cast the votes decide nothing; those who count the votes decide everything." (attrib. Joseph Stalin)
  13. Re:what about... by Anonymous Coward · · Score: 5, Funny

    Tried to run it once, and it crashed.

  14. Re:Another excuse for MS? by Anonymous Coward · · Score: 5, Funny

    Check the EULA that comes with the virus, it's Shared Source, not Open Source!

  15. Re:Scripting exploit by johannesg · · Score: 5, Funny
    Don't you suppose the right to redistribute is granted pretty much automatically for a virus?

  16. Didn't Linus predict this? by Minwee · · Score: 5, Funny

    "Only wimps use tape backup. Real men just include their important stuff in a Windows worm and let the rest of the world mirror it."

  17. Re:ouch by Rithiur · · Score: 5, Funny

    And in the other news today, new variant of the Beagle virus, Beagle.goatse, opens a easily abusable back door in your system. However, so far it seems that hackers have been unwilling to use this hole to breach into our computer.

  18. Could someone mail me a copy? by alteridem · · Score: 4, Funny

    Oh wait, there are a dozen in my inbox already. God you guys are quick, thanks ;)

  19. Re:CVS w by SuneSpeg · · Score: 4, Interesting

    Actually.. i know its been tried before, i think it was code red/nimda ?, where someone made a patch spreading in same manner, but instead it patched the systems.

    About time to try that concept again ?
    I know its gonna generate some traffic, but 1 new variant amongst 50+ new others isnt much.

    Consider pro/cons

    + you could patch most of the vulnerable systems by including the official M$ patch
    + inform the user that the pc is victim of a virus and lead him/her to a virusscan.
    + remove the original virus, or some of the variants.
    + save bandwidth/spam for each pc fixed [1]

    -generate more traffic [1] nothing compared to the current amount of net traffic and spam it generates.
    -would be illegal

    Worth to consider imho, if you write it properly and not suffer from same flaws as the codered one did. Im sure you could do far more good than harm .

    beagle.sourceforge.net might not be the proper place for it though :)

  20. Re:CVS w by mwood · · Score: 4, Insightful

    *sigh* Please don't release another anti-virus-virus. The last one was at least as much a pain as the one it was supposed to cure.

  21. Re:Don't worry by johnkoer · · Score: 4, Funny

    If it's encrypted, how did they find out it's source code? They must have already cracked it.

    And the author has already filed his DMCA suit against them for cracking his encryption.

    --
    Johnkoerner.com