Results 1 to 2 of 2

Thread: W.32.Braid worm

  1. #1
    Senior Member
    Join Date
    Apr 2002

    W.32.Braid worm

    I was looking through some of the sites i visit ocasionaly and came across this it's a new worm in the wild the Braid worm.
    It lok's like some one has modified the code for the klezh worm because this virii is similar as to that of the klezh virus.Allthough researchers have only heard of 43 strains of the virii found doesent meen to say this worm couldnt explode on the net with a bang so heads up

    original story i found http://news.zdnet.co.uk/story/0,,t278-s2125335,00.html

    A new mass-mailing computer virus known as W32.Braid has slowly spread among PCs over the weekend, said UK email service provider MessageLabs.

    Although the company has seen only 43 copies of the virus -- indicating an extremely slow start -- W32.Braid shares some attributes of the widely spread Klez family of viruses and could have similar success. Among the similarities, both viruses forge a fake sender address in the emails they use to propagate themselves, which makes finding infected PCs more difficult.

    The Klez.h variant of the Klez virus has sent out millions of email messages with a copy of itself attached. Since it was first placed on the Internet in April, the virus has topped the charts of malicious email attachments found by antivirus firms and email service providers, which filter junk email for companies and also zap messages that have viruses attached.

    W32.Braid, also known as PE.Brid, can spread to PCs running any version of Microsoft Windows. People who use Microsoft Internet Explorer 5.01 and 5.5 may find that their computers automatically become infected, because Braid uses an old flaw in Internet Explorer to automatically execute the attachment that carries it when the email message is viewed. Patching the program with Service Pack 2 will solve the problem, Network Associates said in its advisory on the virus.

    Like Klez, Braid contains its own email engine, so once it infects a computer, it doesn't need to use an email client, such as Outlook, to spread. The virus will also attempt to infect any program, as well as screen saver files. So far, though, antivirus researchers believe that Braid simply spreads itself, and doesn't actually destroy data.

    While many of the tactics Braid uses to spread resemble those used by the Klez family, the program itself seems closer to a more famous virus, LoveLetter. Antivirus software from Network Associates and rivals Symantec and Trend Micro all detect Braid as a variant of FunLove, a close relative of LoveLetter.

    Because the virus is already detected by all major antivirus software, the application makers have labelled Braid a fairly minor danger.

    Network Associates has rated Braid a low-priority threat, while Trend has rated the virus a medium risk, and Symantec has given the worm a two out of five, with five being the most severe.
    heres a link to an analysis on the worm

    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work

  2. #2
    Nice one. Thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts