Braid virus shows Klez similiarities

A new mass-mailing computer virus known as W32.Braid has slowly spread among PCs over the weekend, said U.K. e-mail service provider MessageLabs. Although the company has seen only 43 copies of the virus--indicating an extremely slow start--W32.Braid shares some attributes of the widely spread Klez family of viruses and could have similar success. Among the similarities, both viruses forge a fake sender address in the e-mails they use to propagate themselves, which makes finding infected PCs more difficult.

The Klez.h variant of the Klez virus has sent out millions of e-mail messages with a copy of itself attached. Since it was first placed on the Internet in April, the virus has topped the charts of malicious e-mail attachments found by antivirus firms and e-mail service providers, which filter junk e-mail for companies and also zap messages that have viruses attached.

W32.Braid, also known as PE.Brid, can spread to PCs running any version of Microsoft Windows. People who use Microsoft Internet Explorer 5.01 and 5.5 may find that their computers automatically become infected, because Braid uses an old flaw in Internet Explorer to automatically execute the attachment that carries it when the e-mail message is viewed. Patching the program with Service Pack 2 will solve the problem, Network Associates said in its advisory on the virus.

Like Klez, Braid contains its own e-mail engine, so once it infects a computer, it doesn"t need to use an e-mail client, such as Outlook, to spread. The virus will also attempt to infect any program, as well as screen saver files. So far, though, antivirus researchers believe that Braid simply spreads itself, and doesn"t actually destroy data.

View: The full story

News source: ZDNet

Report a problem with article
Next Article

Chinese province issues swipe IDs to Internet cafe users

Previous Article

Zoom Player 2.90 Rc2