Weekly Virus Report - Klez Dominance and Bride Worm
Posted on 25.11.2002
Virus news this week has centered around the appearance of Bride.B, and the continued dominance of Klez.I (W32/Klez.I) and Bugbear (W32/Bugbear) in the leading positions of the ranking of the most virulent malicious code, as compiled from data provided by Panda ActiveScan, the free online antivirus from Panda Software.

Over the last seven days, of the total number of computers in which ActiveScan detected an infection, Klez.I was the culprit in 13.64 percent of cases, followed by Bugbear (6.63%) and Bride (W32/Bride) (3.86%). The top three are closely followed by Trj/PWS.Bugbear (3.68%) and Elkern.C (3.59%).

This week a new variant of W32/Bride has appeared, W32/Bride.B. This worm spreads via e-mail, by sending itself out to the addresses that it finds in the HTM files and Outlook Express folders in the affected computer. This virus reaches computers in an e-mail message with the following characteristics:

- Subject: (this field is left blank).

- Message:

Hello,
My name is donkey-virus.
I wish you a merry Christmas and happy new year.
Thank you

- Attachments: README.EXE

Bride.B activates when the attached file is run or when the e-mail message carrying this worm is viewed in the Preview Pane. It does this by exploiting the Exploit/iFrame vulnerability in the Microsoft Internet Explorer browser. When it carries out its infection, this malicious code temporarily removes the icons from the Desktop and ends active processes. In order to carry out its infection, it creates the following files:

-MADAM.EXE, which is a copy of the worm. This file's icon is similar to the Internet Explorer icon.

-MADAM.EML, which is a copy of the message that this worm sends out.





Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //