This week, Bugbear (W32/Bugbear) has held on to its top position in the list of the most frequently detected malicious codes by Panda ActiveScan. Together with this worm, Appix.B has also been a protagonist of this week’s virus activity.
In the last seven days, 15.93 percent of virus infections detected by Panda Software’s free, online scanner were caused by Bugbear; 12.87 percent of them were provoked by Trj/PSW.Bugbear , a Trojan closely related to the malicious code above; whereas third place was held by Klez.I, with 11.3 percent. A long way behind came Elkern.C and Opaserv, with infection percentages of 3.84 percent and 3.29 percent respectively.
This week has also seen the appearance of Appix.B (W32/Appix.B), a worm that spreads via e-mail in a message with variable characteristics aimed at tricking users. The attached file, however, always has an EXE or SCR extension.
Appix.B can run itself automatically simply when the message that carries it is viewed in the mail client’s Preview Pane. In order to do this, and like other malicious code such as Klez.I or Bugbear, this worm takes advantage of a known vulnerability in the Microsoft Internet Explorer browser. The worm also terminates certain processes, most of which belong to antivirus programs.