Email account utilization warning.

[Guest guest]

This is a worm.

Bagle.J Virus

Posted 03/02/2004 (Updated 03/03/2004)

A new variant of the Bagle worm, Bagle.J, is propagating over the Internet. The

version claims to be from University email or network administrators and directs

you to open or execute an attachment. These messages are not legitimate and

should be deleted immediately.

 

If you receive an email with an unexpected attachment, do not open the

attachment. Additionally, receiving bounce messages implying that you have sent

out copies of the virus does not mean you are infected! If you are receiving

" bounced " messages, please disregard them. Mass mailing viruses like Bagle send

themselves using random email addresses they find on the machines they infect;

correspondingly those random addresses are the ones who receive the bounce

messages.

 

What It Looks Like

There are several variations of the virus; below we've listed the subject lines

we've seen as well as an example copy of the message body. While we've seen many

small variations in the message body, it will consistently (1) claim to be the

Uchicago.edu " team " or " administrators, " (2) make reference to a problem in your

account, and (3) will ask you to open or execute an attachment.

 

Common Subject Lines

The following are the most common subject lines associated with this virus.

 

E-mail account disabling warning.

Email account utilization warning.

E-mail account security warning.

Important notify about your e-mail account.

Notify about your e-mail account utilization.

Notify about using the e-mail account.

Warning about your e-mail account.

Example Message Text

The following is an example message body for this virus. There are several

variations, however they will all claim to be from uchicago.edu and ask you to

open an attachment.

 

Dear user, the management of Uchicago.edu mailing system wants to let you

know that,

 

Our main mailing server will be temporary unavaible for next two days,

to continue receiving mail in these days you have to configure our free

auto-forwarding service.

 

Please, read the attach for further details.

 

Cheers,

The Uchicago.edu team http://www.uchicago.edu

Who Is Affected

The Bagle.J worm affects Microsoft Windows 95, 98, ME, NT, 2000, XP, and 2003;

Macintosh and Unix/Linux machines are not vulnerable. Additionally, you are only

affected if you received a copy of the message and ran the attachment; the

exception to this rule is the Outlook and Outlook Express email clients which

may automatically run attachments on preview.

 

 

More Information

For additional information, please visit McAfee's Bagle.J alert.

 

McAfee W32/Bagle.J@MM Alert

 

¸..· ´¨¨)) -:¦:-

¸.·´ .·´¨¨))

((¸¸.·´ ..·´ -:¦:- Raine

-:¦:- ((¸¸.·´*