New Yahoo Worm Targets All Yahoo Email – Yamanner Worm Has No Manners at All
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

A new Yahoo worm being called the “Yamanner worm” is targeting all of Yahoo email; in fact the only version of the Yahoo email program which is at present safe from the Yamanner Yahoo email worm is a not yet fully released beta version of Yahoo mail.

The Yamanner worm takes advantage of a Java script flaw in Yahoo mail, which means that the Yahoo user doesn’t have to do anything other than just open the email bearing the Yamanner worm.


Once the email is open, the Yahoo mail worm infects the user’s computer, sends itself to everyone in the user’s Yahoo address book, and sends all of those Yahoo email addresses back to a remote site (presumably that of the Yamanner author, who can then sell those email addresses or use them themselves for spamming).

So far, that email has always carried the subject “New Graphic Site”, but as people get smart to that, there is no reason to think that Yamanner’s author won’t change that.

As of this morning, the worm had hit Yahoo’s server at least 100,000 times.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

No patch is available at present, however Yahoo has said that they are working on fixing the flaw. “We have taken steps to resolve the issue and protect our users from further attacks of this worm. The solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the use,” said a Yahoo spokesperson.

So what should you do? For at least a few days, be hypervigilant about the email you receive through Yahoo mail, and check it carefully before opening it. If you don’t recognize the sender, or even if you do recognize the sender but the subject is “New Graphic Site”, don’t open it!

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

4 thoughts on “New Yahoo Worm Targets All Yahoo Email – Yamanner Worm Has No Manners at All
0 (0)

  1. My Yahoo mail is down. No subject line. Assume it is due to the yamanner worm. Is there a downloadable fix for this?

  2. The only solution is NOT TO OPEN A MAIL WITH SUBJECT “New Graphic Site”. And if unfortunately you have been hit, then just RELAX because the worm has done its work already (sending mails from your account to all you address book entries and sending a copy of contacts to remote server).

  3. I noticed one of their fixes last night when I tried to forward a message to someone in my address book. There was a captcha screen to go through. Not a bad short term solution. A little annoying, but probably pretty effective.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.