View Full Version : Email Virus warning


James"Thunder"Early
06-13-2006, 01:11 PM
This one is one Yahoo and has an attachment, but here's the big danger, all you have to do is open the email and the virus will run, so be careful what you open in you Inbox.

http://www.betanews.com/article/Worm_Targets_Yahoo_Mail_Users/1150214658
Worm Targets Yahoo Mail Users

By Ed Oswald (%20eoswald@betanews.com), BetaNews

June 13, 2006, 12:21 PM

A worm that is exploiting a flaw within Yahoo Mail is currently making its way through the service, security firm Symantec warned on Monday. However, Yahoo has since offered a patch for the flaw, which it says affected only a few of its customers.
Called "Yamanner," the worm took advantage of a JavaScript issue within the client that affects all versions except for the current beta. It comes hidden in an e-mail titled "New Graphic Site" that when open launches the worm.

From there, the worm spreads itself to all on the user's Yahoo contact list, along with sending those email addresses to a remote server. In its advisory, Symantec said it believed this would later be used to spam those addresses.Yahoo said in a statement that the issue had been repaired and the update automatically sent to all customers. However, both Yahoo and Symantec said it still would be a good idea to ensure than virus definition files are up to date.
According to Symantec research, the remote server that the worm calls was hit approximately 100,000 times, giving an idea of the extent of the infection. The firm gave the worm a rating of "2" out of a five-level numerical rating system.
Symantec said it was too early to judge whether or not the attackers would attempt to alter the worm so it could infect other Web-based e-mail systems.

Brad Russ
06-13-2006, 01:40 PM
Oh ****, I just got that email this morning, and since it was from someone I knew, I opened it. Ooops!!! :(

MsOrange
06-13-2006, 02:33 PM
Oh ****, I just got that email this morning, and since it was from someone I knew, I opened it. Ooops!!! :(
http://housecall.trendmicro.com/

Brad Russ
06-13-2006, 02:58 PM
http://housecall.trendmicro.com/

Thanks Mel, I'll scan it now!! :)

bossradio93
06-13-2006, 04:29 PM
http://news.yahoo.com/s/ap/20060613/ap_on_hi_te/yahoo_worm_1;_ylt=AnLjvzZHCFckEZ0gxO.b5QzJ2sUA;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl (http://news.yahoo.com/s/ap/20060613/ap_on_hi_te/yahoo_worm_1;_ylt=AnLjvzZHCFckEZ0gxO.b5QzJ2sUA;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl)

Update:Yahoo says e-mail worm now contained

1 hour, 48 minutes ago

SUNNYVALE, Calif. - Yahoo Inc. (Nasdaq:YHOO - news) said Tuesday it has contained a malicious program aimed at the millions of people who use its e-mail service, which ranks as the world's largest.

The worm, dubbed "Yamanner," infected a recipient's computer as soon as the toxic e-mail was opened. It then scanned contact lists for additional targets, according to security software maker Symantec Corp.

Sunnyvale, Calif.-based Yahoo said "a very small fraction" of its more than 200 million e-mail accounts were infected Monday when the problem was first identified. The worm didn't affect the next version of Yahoo's e-mail service, which remains in its test, or "beta," phase.

"We have taken steps to resolve the issue and protect our users from further attacks of this worm," Yahoo spokeswoman Kelley Podboy said. "The solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the user."

As a precaution against variations on the Yamanner worm, Yahoo advised its e-mail users to update their antivirus programs and block all incoming correspondence from av 3 @ yahoo. com.

The worm arrived in the form of an e-mail containing JavaScript and contains the words "New Graphic Site" in the subject field, according to Symantec, the maker of Norton antivirus software.

Unlike many worms that require an attachment to be opened, the latest bug was unleashed as soon as the e-mail was opened. It burrowed into e-mail contact lists in search of addresses containing the domains yahoo.com and yahoogroups.com, according to Symantec.

Yahoo! News/AP-June 13, 2006


Thanks for mentioning it, James. :cool: