A new Yahoo worm being called the “Yamanner worm” is targeting all of Yahoo email; in fact the only version of the Yahoo email program which is at present safe from the Yamanner Yahoo email worm is a not yet fully released beta version of Yahoo mail.
The Yamanner worm takes advantage of a Java script flaw in Yahoo mail, which means that the Yahoo user doesn’t have to do anything other than just open the email bearing the Yamanner worm.
Once the email is open, the Yahoo mail worm infects the user’s computer, sends itself to everyone in the user’s Yahoo address book, and sends all of those Yahoo email addresses back to a remote site (presumably that of the Yamanner author, who can then sell those email addresses or use them themselves for spamming).
So far, that email has always carried the subject “New Graphic Site”, but as people get smart to that, there is no reason to think that Yamanner’s author won’t change that.
As of this morning, the worm had hit Yahoo’s server at least 100,000 times.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
No patch is available at present, however Yahoo has said that they are working on fixing the flaw. “We have taken steps to resolve the issue and protect our users from further attacks of this worm. The solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the use,” said a Yahoo spokesperson.
So what should you do? For at least a few days, be hypervigilant about the email you receive through Yahoo mail, and check it carefully before opening it. If you don’t recognize the sender, or even if you do recognize the sender but the subject is “New Graphic Site”, don’t open it!
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
My Yahoo mail is down. No subject line. Assume it is due to the yamanner worm. Is there a downloadable fix for this?
The only solution is NOT TO OPEN A MAIL WITH SUBJECT “New Graphic Site”. And if unfortunately you have been hit, then just RELAX because the worm has done its work already (sending mails from your account to all you address book entries and sending a copy of contacts to remote server).
so how do you rid your machine of it? anybody have a fix yet?
I noticed one of their fixes last night when I tried to forward a message to someone in my address book. There was a captcha screen to go through. Not a bad short term solution. A little annoying, but probably pretty effective.