Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Massive outbreak of aggressive new Bagle worm var.

AUCKLAND NZ - October 29, 2004

Massive outbreak of aggressive new Bagle worm variant.

Today, a massive epidemic of an aggressive new Bagle worm hit the Internet, spreading fast and infecting thousands of machines.

At 07:51 this morning (Central European Time) a new virus was detected on NOD32’s Virus Radar project (

Initially, around 50 samples were detected in the first hour, but it quickly became obvious that the spread was going to be massive, as in the second hour, over 3400 were detected and further analysis showed that the virus was a new, and highly aggressive version of the Bagle worm, which NOD32 named Win32/Bagle.AS.

Subsequently, a further two variants were discovered - both detected with NOD32’s Advanced Heuristics - Bagle.AT and Bagle.AU, of which .AU is now also spreading.

Less than 2 hours after heuristic detection, at 09:40 (CET), an update was released to provide exact named identification and removal for each variant, and a description of the major variant Bagle.AS was posted to the NOD32 website.

“The massive proliferation of the new worm is probably due to it having its own mass-mailing routine. When the worm is active on an infected computer it will attempt to stop some antivirus and firewall applications running on the machine, so this will increase it’s chances of survival, as some products will not update and detect it.” said Andrew Lee, Senior Vice President of Global Support at NOD32.

Win32/Bagle causes a serious security breach by opening Port 81 on the computer and a random UDP port, and listens for instructions to be sent to it. The worm will be deactivated on an infected computer automatically after causing damage for 20 days. Based on the code analysis, the life cycle of the worm will end on April 25, 2006.

A free cleaning tool for the worm is available at

Tracking the threat on the virus radar shows the rapid growth of this worm in hours after initial heuristic detection, as can be seen in this hourly breakdown.

29.10.2004 7:00 53
29.10.2004 8:00 3409
29.10.2004 9:00 11235
29.10.2004 10:00 30424
29.10.2004 11:00 74236

Currently, the virus radar shows that around 1 in 20 messages contain the Win32/Bagle.AS worm

Rather fittingly, this morning, NOD32 received the news that they had been awarded their 29th VB100% award, a record breaking unbroken run, unmatched by any other anti-virus product, for detecting all viruses in the wild.

The exceptional advanced heuristic capabilities of NOD32, which at last measure, could detect over 88% of all viruses in-the-wild without the need for an update, are a major part of that success.


© Scoop Media

Business Headlines | Sci-Tech Headlines


I Sing The Highway Electric: Charge Net NZ To Connect New Zealand

BMW is turning Middle Earth electric after today announcing a substantial contribution to the charging network Charge Net NZ. This landmark partnership will enable Kiwis to drive their electric vehicles (EVs) right across New Zealand through the installation of a fast charging highway stretching from Kaitaia to Invercargill. More>>


Watch This Space: Mahia Rocket Lab Launch Site Officially Opened

Economic Development Minster Steven Joyce today opened New Zealand’s first orbital launch site, Rocket Lab Launch Complex 1, on the Mahia Peninsula on the North Island’s east coast. More>>


Marketing Rocks!
Ig Nobel Award Winners Assess The Personality Of Rocks

A Massey University marketing lecturer has received the 2016 Ig Nobel Prize for economics for a research project that asked university students to describe the “brand personalities” of three rocks. More>>


Nurofen Promotion: Reckitt Benckiser To Plead Guilty To Misleading Ads

Reckitt Benckiser (New Zealand) intends to plead guilty to charges of misleading consumers over the way it promoted a range of Nurofen products, the Commerce Commission says. More>>


Half A Billion Accounts, Including Xtra: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>


Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news