There is a javascript based worm on the loose that is leveraging a problem with Yahoo’s email service.
Once executed, the worm forwards itself to an infected users’ contacts on Yahoo! Mail. It also harvests these address and sends them to a remote internet server. Only contacts with an email address of either @yahoo.com or @yahoogroups.com are hit by this behaviour.Infected emails commonly have the subject line “New Graphic Site” and are spoofed so as to appear from “av3@yahoo.com”. Users who open infected emails will be redirected to a webpage at www.av3.net/index.htm.
The worm did not require the attachment be opened in order to be spread.
At post time this has now reportedly been contained and patched by the folks at Yahoo.
[tags]Yahoo, Yahoo! Mail, Yahoo Worm, JavaScript worm, JS-Yamanner[/tags]
