The Web    Google
11/1: Bagle-BE Worm Opens TCP Port

11/1: Bagle-BE Worm Opens TCP Port
November 1, 2004

Bagle.BE is a worm that opens the TCP port 81 and listens to it, waiting for remote connections. By doing so, Bagle.BE allows hackers to gain remote control over the affected computer in order to carry out malicious actions that would compromise user's confidentiality or impede normal work.

Bagle.BE ends processes belonging to security tools, such as antivirus programs. This leaves the affected computer vulnerable to the attack of other malware. In addition, Bagle.BE prevents certain worms, such as several variants of Netsky, from being executed whenever Windows is started. In order to do so, it deletes the entries belonging to these worms from the Windows Registry.

Bagle.BE spreads via e-mail in a message with variable characteristics and through peer-to-peer (P2P) file sharing programs.

Technical details can be found at Panda Software page.

  • 2/25: Randex-CST Worm Targets Passwords
  • 2/28: Rbot-UC a Worm and Trojan
  • PentaSafe Unveils Integrated Security Manager
  • 11/29: QLowZones-2 Modifies IE Settings
  • Critical Flaws Flagged in Mozilla, Thunderbird
  • Malware Week in Review
  • Microsoft Patches 'Critical' ASN.1 Vulnerability
  • 6/10: Agobot-JT Allows Unauthorized Access
  • Gentoo 2005.0 All About Security
  • 10/27: Famus-C Worm Sends Private Data
  • 11/8: Trojan.Beagooz Collects Addresses
  • Cheap Security Camera