Yahoo Messenger Vulnerability lets Malware through Compromised Status Messages
Users of Yahoo Messenger may have their status updates altered against their wishes, and thereby inadvertently spread malicious software, Help Net Security reported on December 2, 2011.
Remote attackers using a newly discovered exploit in Messenger client version 11.x are arbitrarily altering the status messages of practically any Yahoo Messenger user who may be running the vulnerable version.
Security researchers at the anti-virus firm BitDefender discovered the flaw while investigating a customer's complaint about unexpected behavior in Yahoo Messenger.
They explain that the attack starts when an attacker sends the end-user a maliciously crafted file that also installs an iFrame. This iFrame manipulates the $InlineAction parameter of the IM (instant messaging) software to insert a web link or text into the targeted user's status update, which is thereby altered.
Moreover, this iFrame, which is sent like a routine message, arrives from another Yahoo IM user, whether or not that user is known to the victim.
Bogdan Botezatu, communications and e-threats analysis expert at BitDefender, stated that victims might not notice the alteration in their status updates if they ran Yahoo Messenger version 11.5, which supports tabbed conversations, and might not detect the malicious queries either. CSO reported this on December 2, 2011.
Meanwhile, the security flaw in Yahoo Messenger can also be exploited in affiliate advertising programs. Rather than running fake Facebook campaigns that take end-users to online surveys, cyber-crooks can simply compromise status messages, which would have a similar impact.
The status messages contain web links that normally get clicked as many times as the number of friends to whom the victim sends messages. That implies that the majority of people on the victim's contact list will follow the URLs spammed via this method, BitDefender stated.
Thus, to defend against the attack, end-users for now need to change their Yahoo Messenger settings so that messages from unknown users are blocked.
Finally, the problem has been reported to Yahoo, and the company is expected to ensure the safety of its consumers by releasing an update soon.
» SPAMfighter News - 12-12-2011