TELECOM Digest OnLine - Sorted: Worm Attacks Yahoo Email


Worm Attacks Yahoo Email


Reuters News Wire (reuters@telecom-digest.org)
Tue, 13 Jun 2006 15:43:43 -0500

Yahoo Inc. , the world's largest provider of e-mail services, said on
Monday that a software virus aimed at Yahoo Mail users had infected "a
very small fraction" of its base of more than 200 million accounts.

The e-mail virus, or worm, has been dubbed Yamanner and landed in
Yahoo mailboxes bearing the headline "New Graphic Site." Once opened,
the message infects the computer and spreads to other users listed in
Yahoo users' e-mail address books, security experts said.

The e-mail containing the virus need only be opened -- in contrast to
most worms that are hidden in attachments and require users to take an
additional step -- to release the virus, according to computer
security site Symantec Corp..

The Sunnyvale, California-based company advised users to update virus
and firewall software on their computers and to block any e-mail sent
from the address "av3@yahoo.com."

"We have taken steps to resolve the issue and protect our users from
further attacks of this worm," Yahoo spokeswoman Kelley Podboy said in
a statement.

"When we learn of e-mail abuse, such as a worm or other online threat,
we take appropriate action," she said. "(A) solution has been
automatically distributed to all Yahoo Mail customers, and requires no
additional action on the part of the user."

Yamanner, first detected by Yahoo and major computer anti-virus
software makers earlier on Monday, was ranked as having a low threat
level by Trend Micro Inc. and McAfee Inc.

But Symantec considers the worm an "elevated threat," one step up from
the lowest ranking in terms of relative danger.

Symantec's Security Response site suggested Yahoo Mail users might
protect themselves by upgrading to the latest test version of the
recently upgraded Yahoo Mail software.

"The worm cannot run on the newest version of Yahoo Mail Beta,"
Symantec's site said.

A Yahoo spokesman was not immediately available to comment on whether
the company advised users to do this.

The worm exploits a vulnerability in Javascript technology used to
make the mail program easier to use by triggering embedded HTML
scripts to run in the computer user's browser.

The e-mail addresses are also sent to a remote online computer server,
which may be used to run spam campaigns, experts said. The technical
name of the worm goes by variants of "JS.Yamanner."

Copyright 2006 Reuters Limited.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html

For more news and headlines each day, please go to:
http://telecom-digest.org/td-extra/newstoday.html (also)
http://telecom-digest.org/td-extra/technews.html

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Cellular-News: "Cellular-News: Tuesday 13th June 2006"
Go to Previous message: Washington Post Editorial Staff: "The Future of the Internet"
TELECOM Digest: Home Page