Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: URGENT: New version of Beagle hitting - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
URGENT: New version of Beagle hitting
W32.Beagle.AV@mm

There appears to be a new Beagle on the loose. According to the information on Symantecs Security Response Page it opens a backdoor on port 81. It creates a file with a variant of the name wingo in the executable name, adds a wingo.exe in the Registry Key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
and attempts to disable anti-virus and security software and block the websites.

Lenny will continue to update in the next diary.
Deb Hale
Handler on Duty
Deborah

278 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!