Another bullying Bagle worm appeared Friday, security companies warned, although this one threatens to bring on the lawyers, not the police.
Bagle.do, said U.K.-based Sophos, spreads in e-mails with subject lines such as "Call to your lawer [sic] immidiately [sic]" and "Lawsuit against you." The text of the worm-carrying message varies, but all versions cite some legal beef, ranging from identity theft to "spamming" faxes to the sender's machine.
The attached file, with names like "lawsuit.exe" and "explanation.exe," purport to be supporting legal documents but are, of course, the worm. Launching the executable file infects the PC with a backdoor and lowers the machine's security settings, and may end up with more malicious code downloaded to the system from a slew of Web sites.
Bagle.do will also try to spread via peer-to-peer file sharing by planting copies of itself in folders commonly used by P2P applications such as KaZaa and Limewire.
"People who receive this viral email won't necessarily believe that it was intended for them or their company, of course, but they may wish to advise the apparent sender that they have sent the message to the wrong person." said Graham Cluley, senior technology consultant for Sophos, in a statement. "If anyone opens the attached file, however, they risk infecting their computer and passing on the pox to others."
As is the norm, other anti-virus companies tagged the worm with different names. McAfee, for instance, called this "Bagle.dy," while Symantec dubbed it "Bagle.dx."
According to McAfee, the worm's author tucked a cryptic message inside the malicious code:
"In a difficult world In a nameless time I want to survive So, you will be mine!!"