TELECOM Digest OnLine - Sorted: Malware Gives Out New, Bogus Browser


Malware Gives Out New, Bogus Browser


Jeremy Kirk (idg@telecom-digest.org)
Mon, 22 May 2006 11:04:42 -0500

IM Worm Installs Bogus Browser
Jeremy Kirk, IDG News Service

Malware writers have created a new worm that installs a new browser
and plays screeching music.

The annoyance starts with a link apparently sent by a friend in
Yahoo's instant messaging program.

Instant messaging security company FaceTime Communications described
the malware, which it calls "yhoo32.explr", as "insidious" in a
security advisory.

When the link is clicked, a worm installs the so-called "Safety
Browser," a program that leads the user to pages mined with adware and
viruses, FaceTime said. The Safety Browser uses an Internet Explorer
logo to make it look more legitimate.

New Type of Attack

Malware spread through instant messaging programs is on the
rise. However, FaceTime said this malware appeared to be the first to
install a browser without the user's permission.

The bug also hijacks Internet Explorer's home page, directing users to
the Safety Browser's Web site.

After it is launched, the worm sends itself to others on the user's
instant messaging contact list.

The malware is engineered to overwrite instant messages typed by a
user, FaceTime said. The infected message can also be changed
on-the-fly, the company said.

The screeching music, however, is blocked by Microsoft's Windows XP
Service Pack 2, FaceTime said.

FaceTime has posted screenshots of the infection process on its blog.

Copyright 2006 PC World Communications, Inc.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html

For other news and headlines, please go to:
http://telecom-digest.org/td-extra/technews.html

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Reuters News Wire: "Southeast Asian Cyber Attacks Still Way Off"
Go to Previous message: William Warren: "Re: Analog PBX Extender for Home Based Worker"
TELECOM Digest: Home Page