Yahoo Gets “Yam”med by a Worm
The email worm named Yamanner has gate-crashed its way into Yahoo mailboxes by bearing the headline "New Graphic Site." Unlike typical worm infected mails that contain worms as attachments in the mail, the Yamanner enters into a computer the moment the mail is opened. Once the computer is infected, the worm will spread to other users by sending itself to all the addresses listed in the infected users' Yahoo! address book. The worm targets addresses with the "yahoo.com" and "yahoogroups.com".
Security companies like Trend Micro and McAfee consider the Yamanner low threat level worm, while Symantec has considered the threat as "2" in its 1 through 5 rating system. In other words, it is an "elevated threat," one step up from the lowest ranking in terms of relative danger.
The message is sent from an address of email@example.com and according to Symantec, the worm can not cause damage in the newly launched version of Yahoo Mail Beta.
Yahoo has a mail user base of more than 200 million and it is said that only a very small fraction of it's users have been affected by this rogue mail. Due to the unavailability of a patch for this problem, users are requested to update their antivirus definitions and firewall signatures and to block any e-mails sent from firstname.lastname@example.org.
All the systems that operate with Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP are susceptible to this worm.
Related article: Yahoo China Taken To Court For Imparting Malware
» SPAMfighter News - 13-06-2006