Bagle mutant threatens legal action

IT security experts have warned users to guard against a new version of the Bagle worm which poses as a lawsuit against the recipient.

The Bagle-DO worm spreads in emails with subject lines such as "Pay your debts before we come to you," "Call to your lawer immidiately," "Lawsuit against you" and "We wait your response."

The emails urge the recipient to open the attached file (which can be called lawsuit.exe, explanation.exe or documents.exe), but if it is executed, the worm installs itself on the PC and looks for other computers to infect via email and peer-to-peer file-sharing systems.

The worm chooses from a variety of messages to send, all claiming to be about different types of legal action. Messages include one that claims the recipient's company sent an unsolicited commercial fax without permission. Another claims the recipient's company conducted an unsatisfactory car service which resulted in a fire.

The Bagle-DO worm also attempts to spread via P2P file-sharing systems as nude pictures of actress Kate Beckinsale, or erotic photographs of celebrity hotel heiress Paris Hilton and pop starlet Britney Spears.

"People who receive this viral email won't necessarily believe that it was intended for them or their company, of course, but they may wish to advise the apparent sender that they have sent the message to the wrong person. If anyone opens the attached file, however, they risk infecting their computer and passing on the pox to others," said Graham Cluley, senior technology consultant for Sophos. "Internet users need to be more careful about which emails they trust, and which files they choose to open on their PC. With more malware being written than ever before, up-to-date anti-virus software is a must."