Monday, June 12, 2006

Worm Attacks Yahoo E-Mail

A mass-mail worm that exploits a vulnerability in Yahoo's Web-based e-mail is making the rounds.

The worm, which Symantec calls JS.Yamanner@m, is different from others in that a user merely has to open the e-mail to cause it to run, said Kevin Hogan, senior manager for Symantec Security Response. Mass-mail worms have usually been contained in an attachment with an e-mail note encouraging a user to open it.

The infected e-mail sent to Yahoo! users look as follows:

Subject: New Graphic Site
Body: Note: forwarded message attached.

This type of worm is not a surprise - it has been theorized since at least 2001. Yamanner is however the first worm to be realized in the wild.

Read more at Yahoo News

No comments: