News Bagle copycat builds Zombie attack network

Ah a Padawan worm! This from elReg:

Virus writers have released a new version of the Bagle worm, on the back of the source code released into the wild earlier this month.

Bagle-AF (AKA Bagle-AB or the 'Apprentice' worm) is spreading quickly across the Net, following its release yesterday. Most anti-virus firms rate it as medium risk.

The new Bagle worm was made using source code which came with the payload of the Bagle-AA (confusingly, some firms refer to this as Bagle-AE) worm earlier this month. Including the source code in a virus is like adding DIY instructions for apprentice hackers, since it makes it easier for the less-skilled to make many more versions of new viruses.

Bagle-AF opens a path for intruders to relay bulk email messages through infected PCs. The worm tries to contact one of 141 compromised German websites to let its creators know which PCs it has infected. The worm leaves open a backdoor on compromise computers, which can then be used to spread spam or as zombie drones in DDoS attack networks.

More here, my young apprentices.