Site icon Liquidmatrix Security Digest

JavaScript Worm Targets Yahoo!

There is a javascript based worm on the loose that is leveraging a problem with Yahoo’s email service.

Once executed, the worm forwards itself to an infected users’ contacts on Yahoo! Mail. It also harvests these address and sends them to a remote internet server. Only contacts with an email address of either @yahoo.com or @yahoogroups.com are hit by this behaviour.Infected emails commonly have the subject line “New Graphic Site” and are spoofed so as to appear from “av3@yahoo.com”. Users who open infected emails will be redirected to a webpage at www.av3.net/index.htm.

The worm did not require the attachment be opened in order to be spread.

At post time this has now reportedly been contained and patched by the folks at Yahoo.

Article Link

[tags]Yahoo, Yahoo! Mail, Yahoo Worm, JavaScript worm, JS-Yamanner[/tags]

Exit mobile version