Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Js.yamanner Spreads Via Yahoo's Free Email Service

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts
View previous topic :: View next topic  
Author Message
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 Mar 2012
Posts: 768
Location: Virginia, USA
PostPosted: Mon Jun 12, 2006 6:36 am    Post subject: Js.yamanner Spreads Via Yahoo's Free Email Service Reply with quote
Quote:
JS.Yamanner@m is a worm that is written in JavaScript. It exploits a vulnerability in the Yahoo email service to send a copy of itself to the user's Yahoo email contacts...
secunia.com
_________________
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Back to top
View user's profile Send private message
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 Mar 2012
Posts: 768
Location: Virginia, USA
PostPosted: Tue Jun 13, 2006 7:31 am    Post subject: Reply with quote
Last Updated: 2006-06-12 21:19:00
Quote:
...To activate the mass-mailer it is sufficient to open the mail message without clicking on the attachment and it will scour your address list and send itself as an attachment (forwarded message) to everyone on it. It searches for both @yahoo.com and @yahoogroups.com e-mail addresses...There is currently no trivial fix for Yahoo! mail as turning off Javascript on the browser will prevent you from reading your e-mail... Yahoo! is aware of the issue and is working on a fix, in their words "Yahoo! Mail is blocking most of these messages, and is working on a fix."
http://isc.sans.org/diary.php?compare=1&storyid=1398

To clarify, the Yamanner worm does not send itself as an attachment, it resides inside the e-mail body. The worm activates automatically by just opening an infected e-mail message with Internet Explorer. It uses a 0-day vulnerability in Yahoo! webmail system.

Just received this from our network Administrator (no link was provided).
Quote:
Yahoo says that a solution has automatically been distributed to all Yahoo mail customers, but Symantec's Security Response site suggests that Yahoo mail users might best protect themselves by upgrading to the latest test version of the recently upgraded Yahoo Mail software. "The worm cannot run on the newest version of Yahoo Mail Beta", Symantec's site says.

_________________
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group