June 6, 2005 - (HOSTSEARCH.COM) - Johannesburg-based Computer Associates has warned that a new Bagle variant Trojan is sweeping across the internet.
The mass mailing virus Win32.Glieder.AK, once executed on a Windows machine, downloads an executable with a highly variable name from a long list of URLs to avoid signature based virus protection and then Glieder.AK takes over and disables firewalls and the Security Center. Then it get's scary.
After knocking out a computer's first line of defense, Glieder runs through a list of URLs and downloads Win32.Fantibag.A which disables access to Windows Update and anti-virus vendors.
Then Win32.Mitglieder.CT is downloaded where upon it puts the computer under the complete control of the hackers.
This new virus is marshalling a vast army of bots as eWeek reports, "According to CA's (Roger)Thompson, the success of the three-pronged attack could signal the end of signature-based virus protection if Trojans immediately disable all means of protection."
To see CA's full report
click here.
