<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d24605170\x26blogName\x3dWhat\x27s+New\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttps://newsko.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://newsko.blogspot.com/\x26vt\x3d-5077661798594369790', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe", messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER, messageHandlers: { 'blogger-ping': function() {} } }); } }); </script>
   What's New[definition].  
 
    
Google
Google Web
« Home

Posts

Microsoft working on Word patch
How to compete with FeedBurner
Feedpass Does Absolutely Nothing
"Pay Per Click" fraud botnet discovered
MacSaber: Turn Your Mac Into A Jedi Weapon
Google Properties - Understanding the Breakdown
Samsung Intros Hybrid Hard Drive
Friendster Mobs - Web Chat Coming
AOL to Release YouTube Clone
Sony Ericcson's W710 Walkman quad-band GSM
 
     Archives
March 2006
April 2006
May 2006
June 2006
July 2006
 
     Links




Word of the Day

Article of the Day

This Day in History

In the News

Quotation of the Day

Yahoo IM worm hijacks browsers

The "Safety Browser" the worm installs leads users to adware and spyware sites and plays bad music each time the computer boots.

A worm running through Yahoo's instant messaging network is installing a browser of its own -- a first for IM malware -- that leads users to adware and spyware sites, several security firms said Monday.

The worm, dubbed "Yhoo32.explr" by IM security vendor FaceTime Communications on Friday and "Browaf" by Symantec on Monday, is installed when Yahoo users click on a malicious link embedded within an instant message.

Yhoo32.explr downloads and installed the so-called "Safety Browser," which adds an IE-like icon to the desktop, and when used, takes the unsuspecting to sites where their PCs are infected with adware and spyware. The worm also changes the home page of IE to point to Safety Browser's site.

To complicate things, Safety Browser doesn't post an Uninstall option in Windows' Add or Remove Programs Control Panel applet.

"This is one of oddest and more insidious pieces of malware we have encountered in years," said Tyler Wells, senior director of research at FaceTime, in a statement.

"This is the first instance of a complete web browser hijack without the user's awareness. Similar 'rogue' browsers, such as 'Yapbrowser', have demonstrated the potential for serious damage by directing end-users to potentially illegal or illicit material. 'Rogue' browsers seem to be the hot new thing among hackers."

Along with the bogus browser, the worm makes the PC blare out screeching music thick with bad guitar licks and drum solos. The headache-inducing noise plays every time the computer boots or Safety Browser launches.

Anti-virus vendors, such as Symantec, are working on signatures to detect the new Yahoo IM worm; FaceTime said that has already it updated its customers' software.
Yahoo IM worm hijacks browsers - Monday, May 22, 2006 -

Post a Comment

Enter your email address:

Delivered by FeedBurner



 

Linux Tips and Tricks - Mox Diamond - Arcane Denial - Sylvan Library
Linux Tips and Stuff - ba-zoo-ra - iBUG teks/

© 2006 What's New