Latest Trojan Unexpectedly Disables Firewall, Antivirus and Other Security Applications Upon Opening Email Attachments
SUNNYVALE, Calif., Sept. 19 -- Fortinet -- the pioneer and market leader of Unified Threat Management and only provider of ASIC- accelerated, network-based multi-threat security systems for real-time network protection -- today announced that its FortiGate(TM) integrated security appliances, FortiMail(TM) Secure Messaging Systems and FortiClient(TM) Host Security software protect against W32/Bagle.CJ-mm (also known as W32/Mitglieder.FE). A new Trojan, W32/Bagle.CJ-mm is received via an email with .exe or .zip file attachments that contain a malicious executable file, which injects itself into Windows Explorer processes and stays resident in memory upon execution.
As a Trojan, W32/Bagle.CJ-mm is spammed and does not spread by itself. Upon opening related attachments, the Trojan affects users by unexpectedly disabling firewall, antivirus and other security related applications, renaming files, deleting processes and generally lowering security settings. This latest Trojan is affecting users worldwide and Fortinet rates W32/Bagle.CJ-mm as a "Level Four" threat given that it is currently being spammed out in very large numbers.
To protect against W32/Bagle.CJ-mm, Fortinet advises against opening simplistic email messages with .exe or .zip attachments, as well as attachments within emails from unknown senders. For instance, Fortinet advises against opening the attachment within the following example email:
Subject: new price
Automatic Updates: FortiGuard Distribution Network
All FortiGate systems in production worldwide are kept up to date automatically by Fortinet's FortiGuard Distribution Network, which provides continuous updates that ensure protection against the latest threats around the clock and around the world. To protect customers against W32/Bagle.CJ-mm, Fortinet published antivirus databases V6.066 for its thousands of FortiGate systems within two hours of receiving the first malicious sample. With this latest antivirus database update, Fortinet's FortiGate systems block the Trojan, and other types of threats, at the gateway before it enters customers' networks.
For further information on W32/Bagle.CJ-mm, please visit Fortinet's virus encyclopedia at: www.fortinet.com/VirusEncyclopedia/encysearch.jsp?fid=92895 .
For more information on Fortinet's FortiGuard Distribution Network please visit: www.fortinet.com/FortiGuardCenter/av.html .
About Fortinet (www.fortinet.com)
Fortinet is the confirmed leader of the Unified Threat Management market. The company's award-winning FortiGate(TM) series of ASIC-accelerated multi- threat security systems, winner of the 2004 Security Product of the Year Award from Network Computing Magazine and the 2003 Networking Industry Awards Firewall Product of the Year, are the new generation of real-time network protection systems. They detect and eliminate the most damaging, content-based threats from e-mail and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time -- without degrading network performance. Fortinet's solutions are the only security products that are certified six times over by the ICSA (server antivirus, client antivirus, firewall, IPSec, SSL, NIDS), and deliver a full range of network-level and application-level services in integrated, easily managed platforms. Named to the Red Herring Top 100 Private Companies, Fortinet is privately held and based in Sunnyvale, California.
CONTACT: Kelly LeBlanc, +1-408-486-7876, or email@example.com, or Michelle Spolver, +1-408-486-7837, or firstname.lastname@example.org, both of Fortinet, Inc.