Press Release - MicroWorld - Email Worm Spreads via Vulnerability in Yahoo Mail

If you get an email coming from 'av3@yahoo.com' in your Yahoo mail, with a subject line New Graphic Site, DO NOT Click on it. It carries a javascript worm named 'Yamanner', which will slip into your computer the moment the mail is opened.

Security experts from MicroWorld Technologies inform that this script worm does not require the recipient to download any attachment, as it exploits a vulnerability in the 'onload event handling' of the yahoo mail system to sneak into user computers. Yamanner then moves on to stealing email addresses from the address book of the victim using the Yahoo QuickBuilder Tool and starts sending itself to email ids with '@yahoo.com' and '@yahoogroups.com' domains.

Besides proliferating via spamming, it also sends the address list to the remote attacker. This could possibly be used for large scale email campaigns and other nefarious activities by online marketers and cyber criminals.

The mail then redirects the browser towards websites that market online animations and graphics, which stirs up popup ads on victim's computer screen. In another case, the user is asked to download a gambling program called Casino Tropez.

"The fact this worm redirects browsers to certain websites is a matter of concern," said Arti Taru, Assistant Manager, R&D, MicroWorld Technologies. "With slight modifications done, this worm can act as a Trojan Downloader, which can go to malicious websites and invite graver threats. When you a have a mail system so vast in reach like Yahoo, this possibility can be instrumental in wide-spread infections."

MicroWorld produces the world's most advanced security solutions eScan and MailScan, powered by the fastest updated AntiVirus system and the unique MWL technology. eScan and MailScan forcefully scan the body of HTML messages to prevent Script Viruses and Worms entering information systems. The Content Administrator module of eScan offers 'Active Content Blocking', where you can block java applets, java scripts and VB scripts while accessing websites.

"It's an increasing trend from malware writers to explore vulnerabilities in popular web applications and browsers, to inject Java scripts, VB scripts and other malware codes into user computers. The best solution to this breed of threats would be to rely on an intelligent AntiVirus system that can block all types of script worms. It's also vital for the security system to have a multi-layered spam filtering mechanism," said Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies.

MicroWorld

MicroWorld (www.mwti.net ) is the developer of the world's first Real-Time Anti-Virus and Content Security software eScan for desktops and servers. Its communication security software, MailScan is the first comprehensive e-mail scanner for your SMTP/POP3 Mail Server. MicroWorld Winsock Layer (MWL) is the revolutionary technology underlying these products, powering them to several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready, and Novell Ready. Combining their powerful scanner with MWL technology, MicroWorld solutions provide a Real-Time Proactive security for your systems. For network security of enterprises, eConceal Firewall is the latest powerful offering from MicroWorld.

To learn more, kindly visit http://www.mwti.net.