Tuesday, June 13, 2006

Yahoo Email Virus

Reported today on Reuters

Yahoo Inc., the world's largest provider of e-mail services, said on Monday that a software virus aimed at Yahoo Mail users had infected "a very small fraction" of its base of more than 200 million accounts.

The e-mail virus, or worm, has been dubbed Yamanner and landed in Yahoo mailboxes bearing the headline "New Graphic Site." Once opened, the message infects the computer and spreads to other users listed in Yahoo users' e-mail address books, security experts said.

The e-mail containing the virus need only be opened -- in contrast to most worms that are hidden in attachments and require users to take an additional step -- to release the virus, according to computer security site Symantec Corp.

The Sunnyvale, California-based company advised users to update virus and firewall software on their computers and to block any e-mail sent from the address "av3@yahoo.com."

Symantec's Security Response site have suggested that Yahoo Mail users might protect themselves by upgrading to the latest test version of the recently upgraded Yahoo Mail software as they reckon that the worm cannot run on Yahoo Mail Beta.

JS.Yamanner@m is a worm that is written in JavaScript. It exploits a vulnerability in the Yahoo email service to send a copy of itself to the user's Yahoo email contacts.

From: Varies
Subject: New Graphic Site
Message body: Note: forwarded message attached.