Weekly Virus Report - Klez Dominance and Bride Worm
Posted on 25.11.2002
Virus news this week has centered around the appearance of Bride.B, and the continued dominance of Klez.I (W32/Klez.I) and Bugbear (W32/Bugbear) in the leading positions of the ranking of the most virulent malicious code, as compiled from data provided by Panda ActiveScan, the free online antivirus from Panda Software.

Over the last seven days, of the total number of computers in which ActiveScan detected an infection, Klez.I was the culprit in 13.64 percent of cases, followed by Bugbear (6.63%) and Bride (W32/Bride) (3.86%). The top three are closely followed by Trj/PWS.Bugbear (3.68%) and Elkern.C (3.59%).

This week a new variant of W32/Bride has appeared, W32/Bride.B. This worm spreads via e-mail, by sending itself out to the addresses that it finds in the HTM files and Outlook Express folders in the affected computer. This virus reaches computers in an e-mail message with the following characteristics:

- Subject: (this field is left blank).

- Message:

My name is donkey-virus.
I wish you a merry Christmas and happy new year.
Thank you

- Attachments: README.EXE

Bride.B activates when the attached file is run or when the e-mail message carrying this worm is viewed in the Preview Pane. It does this by exploiting the Exploit/iFrame vulnerability in the Microsoft Internet Explorer browser. When it carries out its infection, this malicious code temporarily removes the icons from the Desktop and ends active processes. In order to carry out its infection, it creates the following files:

-MADAM.EXE, which is a copy of the worm. This file's icon is similar to the Internet Explorer icon.

-MADAM.EML, which is a copy of the message that this worm sends out.


How safe are Android-based children’s tablets?

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 26th