[ news_security_news ]
Worm Attacks Yahoo E-mail Service
Doug Caverly
Staff Writer
2006-06-12
 Insider Reports RSS Feed
The security specialist Symantec Corp. has issued a warning about a worm targeting Yahoo's e-mail service. The worm only requires that the e-mail containing it be opened - whereas most worms are located in attachments - but Symantec says the impact has been low.
Called "Yamanner," the worm was rated a 2 on Symantec's 5-point scale (with 5 being the most threatening). It acts by exploiting a vulnerability in the e-mail service's JavaScript that permits embedded scripts in HTML to run in any users' browsers. Kevin Hogan, senior manager for Symantec Security Response, suggested users disable their browser's JavaScript capabilities before reading any e-mail through Yahoo.
Like many worms, Yamanner is passing itself along. When a user opens an infected e-mail, the script automatically spreads the worm to anyone in the address book whose e-mail ends in @yahoo.com or @yahoogroups.com. So far, the worm has been contained in communications titled "New Graphic Site," and "av3@yahoo.com " commonly appears as the "from" address. The body of the e-mail reads "this is test."
According to Symantec, "Harvested addresses from the address book are then submitted to a remote URL, which is likely to be used for a spam database." The worm also opens a browser displaying a web page, but the site doesn't appear to do any harm.
Hogan did not expect the worm to spread widely, and he also believed the thread level would not rise.
Yahoo Mail Beta appears to be unaffected by Yamanner.
Add to | DiggThis | Yahoo! My Web
Technorati: Yamanner
About the Author:
Doug is a staff writer for SecurityProNews, InternetFinancialNews, SearchNewz, and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
