Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Yahoo mass-mailer worm

Yahoo mass-mailer worm

by Nikola Strahija on June 13th, 2006 The famous search engine, but also a service provider, has been hit by a nasty worm using a vulnerability in Yahoo webmail service.


The [email protected] worm represents a zero-day vulnerability to all those with a yahoo webmail account. Differently from all those known mail worms, this one runs as soon as the user opens the email, exploiting that way the flaw in Yahoo mail that allows scripts embedded in HTML e-mail to run in the users' browsers.

The worm than acts like Yahoo webmail Quickbuilder, harvests the email addresses ending in @yahoo.com or @yahoogroups.com, and than sends itself forward. The worm also opens a browser window and displays one website.

There is a quick fix for this until the Yahoo company provides a patch. Users should change their Profile settings to disable autorun of HTML scripts. They should also avoid opening emails sent from [email protected]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »