NEWS FROM THE LAB - Friday, August 5, 2005

Bagle just got new services Posted by Jarkko @ 13:46 GMT

Apparently someone took the Bagle's source code and added some new functionality into it. Usually, Bagles try to download Mitglieder trojans for opening up spam proxies on infected computers. Yesterday we got sample of a new Bagle that has Mitglieder-like proxy and SMTP relay functions built-in.

In addition of typical Bagle backdoor, Bagle.bw can also act as SOCKS v4/5 proxy, HTTP CONNECT proxy and SMTP relay.