RSSWorm Targets Yahoo Mail Users
By Ed Oswald | Published June 13, 2006, 12:21 PM
A worm that is exploiting a flaw within Yahoo Mail is currently making its way through the service, security firm Symantec warned on Monday. However, Yahoo has since offered a patch for the flaw, which it says affected only a vulnerability of its customers.
Called "Yamanner," the worm took advantage of a JavaScript issue within the client that affects all versions except for the current beta. It comes hidden in an e-mail titled "New Graphic Site" that when opened launches the worm.
From there, the worm spreads itself to all on the user's Yahoo contact list, along with sending those e-mail addresses to a remote server. In its advisory, Symantec said it believed this would later be used to spam those addresses.
Yahoo said in a statement that the issue had been repaired and the update automatically sent to all customers. Still, both Yahoo and Symantec said it still would be a good idea to ensure than virus definition files are up to date.
According to Symantec research, the remote server that the worm calls was hit approximately 100,000 times, giving an idea of the extent of the infection. The firm gave the worm a rating of "2" out of a five-level numerical rating system.
Symantec said it was too early to judge whether or not the attackers would attempt to alter the worm so it could infect other Web-based e-mail systems.
"Worm Targets Yahoo Mail Users"? No loss.
Score: 0
|I use gmail as my main pop3 account, can't beat the what is at now 2.7gb of store.
I then use spammotel.com to test out sites I'm not sure about and for the rest pookmail.com
Score: 0
|To protect yourself from this and similar exploits that may crop up in the future, you should try using Firefox with the NoScript extension:
https://addons.mozilla.org/firefox/722/
That extension alone is worth getting people to switch browsers. I also recommend changing the default Yahoo email settings under Mail Options, Spam Protection, make sure you check:
"Block all images until I've had a chance to look it over."
And under General Preferences-->Messages-->Security
make sure you check:
"Block HTML graphics in email messages from being downloaded".
Score: 0
|You can disable JavaScript in IE. You can even do it bye site where sites on your trusted list still use JS. All this without the need for 3rd party ext. :)
Score: 0
|I was wondering what was going on with all the spam.I have a upto date virus program and it did not help.I wonder if this will happen any time soon again.I think symantec sucks!
Score: 0
|Nothing safe anymore!
Score: 0
|*. . security firm Symantec warned on Monday*.
Yeah, like Symantec is a good source for virus info...
Score: 0
|This article is pretty light on the details so here's some more info from The Register:
"The JS-Yamanner worm spreads when a Windows user accesses Yahoo! Mail to open an email sent by the worm. The attack works because of a vulnerability in Yahoo! Mail that enables scripts embedded within HTML emails to be run within a user’s browser instead of being blocked.
Once executed, the worm forwards itself to an infected users' contacts on Yahoo! Mail. It also harvests these address and sends them to a remote internet server. Only contacts with an email address of either @yahoo.com or @yahoogroups.com are hit by this behaviour.
Infected emails commonly have the subject line "New Graphic Site" and are spoofed so as to appear from "av3@yahoo.com". Users who open infected emails will be redirected to a webpage at w**.av3.net/index.htm.
Symantec Security Response senior manager Kevin Hogan said: "Unlike its predecessors, which would require the user to open an attachment in order to launch and propagate, JS-Yamanner makes use of a security hole in the Yahoo! web mail program in order to spread to other Yahoo! users. Yahoo! is a popular email tool, and although normally closed to such threats, the exploitation of this vulnerability provides access to a significant number of internet users."
Linked article from The Register:
http://www.theregister.c...argets_yahoo/print.html
Score: 0
|*This article is pretty light on the details*
I have found this to be true on MOST articles on Betanews, which is why we seem to have so much in the way of conflicting info. People won't take the time to research on their own, and they take the Betanews version as gospel. It has THEIR slant, and not necessarily ALL the info, as you have seen.
Score: 0
|Web-based e-mail systems are for loosers anyway.
What ever happend to just using good old POP?
Score: 0
|No, that isn't 100% correct. I use yahoo, for spam. You know, those sites you have to sign up for that require and email address and when setting up domains. That is all I use it for.
Score: 0
|If all you're using it for is SPAM bait, then you might want to try mailinator. It's much more efficient than Yahoo Mail for that.
www.mailinator.com
Score: 0
|Let me guess, you never travel, right?
Score: 0
|Ya, I like using a VAX system for e-mail WAY better than any modern e-mail system.
Exchange what?
Score: 0
|Funny, that's what my gmail account is for, because no matter how many times you press "spam" it never goes away.
Yahoo, I hardly get spam. Then I am a FULL registered user, with 2 gig mailbox, and unlimited spam, but I don't get much spam, I get some, but not NEAR the amount from Gmail, and no one knows my gmail account.. I rarely use it.
I use my Yahoo account for purchases and such, but I don't have ANY problems. I have had it since '91.
Score: 0
|Are you a goober or what? Our company doesn't even allow pop3. That's problem 1.
Problem 2, when you use POP3, your mail STAYS on that machine where you retrieve it from.
Webmail, you can have access to your webmail anywhere in the world, from any computer. NO software is required, just a browser. I can even get my yahoo mail on my phone.
So, don't be stupid. webmail is MUCH more friendly than installing a client and only access to your email on 1 machine.
YOU are a loser. Obviously you are locked in a cage and haven't caught on to technology yet. Or maybe you are still in jail?
Score: 0
|My company prevents the use of pop3 AND webmail. They don't want people accessing webmail and getting a virus and infecting the network.
Score: 0
|Most POP3 mail programs allow you to keep the mail on the server instead of deleting it off the server once it is downloaded, so you get to read all your POP3 mail on your desktop but are still able to access it through webmail.
Score: 0
|Wow talk about tough practices..
so how are you supposed to get your email? VPN?
Score: 0
|I knew someone was going to mention this, however, that is an option and it depends on the SERVER. Not all POP3 emails allow you to retain data on the server, once you retrieve it, its gone.
And most people using Outlook and/or Eudora or whatever client you choose, won't KNOW that POP3 retention is available, I didn't want to bring this little fact up, because it requires a lot more work on the client side, not to mention remembering to set this option on EACH machine.
Can we just agree, webmail is just easier and using a client for POP3 isn't as lame as he claims?
My point is still valid, mail STAYS on that machine, whether you can retrieve it from another location or not. EACH machine from then on keeps a copy of your email, and also sent items, you can't keep a history.. POP3 is just a mess. Webmail is the way to go, if you can do it. A client just just be limited to corporate email.
Score: 0
|you've had your yahoo acct since before yahoo.com was created? you're awesome!
Score: 0
|Not to mention that most POP3 accounts still have very restrictive storage amounts. Most have gotten over the 10mb hurdle, but not much more than 100mb.
Try leaving all your mail with all the silly pictures that everyone sends to you on a 100mb e-mail account once!
Score: 0
|My bad. '95. There are you happy?
Score: 0
|yahoo mail didn't come out when yahoo was started. it didn't come out until 1997 (?)
http://en.wikipedia.org/wiki/Yahoo!_Mail
Score: 0
|