Weekly Virus Report - Klez Dominance and Bride Worm
Posted on 25.11.2002
Virus news this week has centered around the appearance of Bride.B, and the continued dominance of Klez.I (W32/Klez.I) and Bugbear (W32/Bugbear) in the leading positions of the ranking of the most virulent malicious code, as compiled from data provided by Panda ActiveScan, the free online antivirus from Panda Software.

Over the last seven days, of the total number of computers in which ActiveScan detected an infection, Klez.I was the culprit in 13.64 percent of cases, followed by Bugbear (6.63%) and Bride (W32/Bride) (3.86%). The top three are closely followed by Trj/PWS.Bugbear (3.68%) and Elkern.C (3.59%).

This week a new variant of W32/Bride has appeared, W32/Bride.B. This worm spreads via e-mail, by sending itself out to the addresses that it finds in the HTM files and Outlook Express folders in the affected computer. This virus reaches computers in an e-mail message with the following characteristics:

- Subject: (this field is left blank).

- Message:

Hello,
My name is donkey-virus.
I wish you a merry Christmas and happy new year.
Thank you

- Attachments: README.EXE

Bride.B activates when the attached file is run or when the e-mail message carrying this worm is viewed in the Preview Pane. It does this by exploiting the Exploit/iFrame vulnerability in the Microsoft Internet Explorer browser. When it carries out its infection, this malicious code temporarily removes the icons from the Desktop and ends active processes. In order to carry out its infection, it creates the following files:

-MADAM.EXE, which is a copy of the worm. This file's icon is similar to the Internet Explorer icon.

-MADAM.EML, which is a copy of the message that this worm sends out.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //