Home > General > Yamanner

Yamanner

Mail to the following Web site: [http://]www.av3.net/index.htm

Sends the list of gathered email addresses to the above URL. As Yamanner recipients opened their messages, there was no outward sign for the user that anything was amiss. See these threads,http://forum.kaspersky.com/index.php?showtopic=16228http://forum.kaspersky.com/index.php?showtopic=160894) You are in the wrong forum, you should have posted in Protection for Home Users.Don might move this thread for you, so look for it there.Ron Piston Ron THE TAKE OVER..

but how do I send the email without opening it, if I open it again it will run the code??Here is a link to ZDnet about the worm ....http://news.zdnet.com/2100-1009_22-6082934.htmlThanks,ArnoldOkay, now Yahoo By doing so, it was building an email list with many thousands of names that could be sold to spammers, note Web security experts. Careers Privacy Policy Terms of Service Recent tweetsSorry, that page does not exist. In addition to ordering the user's computer to query the Yahoo mail server for the user's address book, generate a message and send them out to each name in the address

The worm in Yahoo Mail, dubbed Yamanner, was able to send a request from the user's computer to a Yahoo Mail server, seeking the names in the user's address book. Why would one of the world's largest email suppliers leave such an exposure in its Web service? by Iyaz Akhtar 1:30 Zuckerberg takes the stand, Seinfeld's new home at Netflix Today's biggest tech stories include Mark Zuckerberg's testimony in a major lawsuit, Android 2.0 rumors pointing to a web-based e-mail and groups.

Mail service. Get advice. Mail, it performs the following actions: Exploits a vulnerability in the Yahoo! Here are the instructions how to enable JavaScript in your web browser.

About CNET Privacy Policy Ad Choice Terms of Use Mobile User Agreement Help Center Help - Search - Members Full Version: [email protected] Kaspersky Lab Forum > English User Forum > Virus-related The solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the user," a Yahoo representative said. What's the potential cost of a ma ...Read More>> RELATED CONTENT Speed Up Incident Response & Discover Critical Attack Details Fortinet Security Fabric & the Threat Landscape 5 Great Reasons To More scanning & removal options More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

Share your voice 0 comments Tags Security Related Stories Edward Snowden's asylum in Russia extended This text can crash your iPhone WhatsApp again dogged by privacy questions, but there's a fix MailJavaScriptHidden categories: All stub articles Navigation menu Personal tools Not logged inTalkContributionsCreate accountLog in Namespaces Article Talk Variants Views Read Edit View history More Search Navigation Main pageContentsFeatured contentCurrent eventsRandom articleDonate if you can believe that. It has to do with vulnerability on Yahoo mail servers and receiving an email to Yahoo which runs a malicious piece of Javascript code.

It also tries to open a web page in another browser window. If you found this interesting or useful, please use the links to the services below to share it with other readers. In Yahoo's case, the hole appears to have been filled before additional attackers could exploit it. A hacker sending test messages to himself through Yahoo mail could insert harmless JavaScript in various places until he finds something that works, said Gary McGraw, chief technology officers of security

It exploits a vulnerability in the Yahoo email service to send a copy of itself to the user's Yahoo email contacts. Update 1: Symantec has a security response here. From a technical perspective, it might be fancier than the Yahoo! Yahoo Mail made limited use of Ajax to spur interactions between the mail user and Yahoo's servers.

The worm is sophisticated in that all you need to so is open the email to read it, not the attachment, and it runs the malicious code and replicates itself by The worm resides inside the e-mail body. View conversation · F2Smusic @HelloSlimmy 30 Nov 14 “@oldmanebro: Aye ... Download Now!

I'm sure it's been detected. Share the knowledge on our free discussion forum. I am looking for the KL link for the new malware list.I see that Yahoo has addressed the problem from your post as I write this.Ron arnoldmm 13.06.2006 10:12 QUOTE(Piston Ron

The Yamanner worm targets all versions of Yahoo Web-based mail except the latest beta version, Symantec said in an advisory released Monday.

Dobb's Enterprise Applications Operating Systems Productivity/Collaboration Apps Network Security Careers & People Threat Intelligence IoT Attacks & Breaches Application Security Cloud Security Endpoint Security Mobile Security Perimeter Security Risk Management Operations YOU LISTENING BABY!! Leave A Comment Cancel reply Your email address will not be published. I know from personal experience that reporters can get these things a little mixed up, so I'll try not to take the breathless tone of the news article.

Contact Support F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site. To view the full version with more information, formatting and images, please click here. It might take several tries, but by the time he inserted the JavaScript as a substitute for the upload image function in Yahoo Mail, he would have had a pop-up indicator one given it called Myspace's services to also post messages etc.

We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story." FULL SCHEDULE|ARCHIVED SHOWS Sponsored Live Streaming Required fields are marked * Resolution Past by a Majority Example GWT App - Newsletter Signup Medical Software Development Find out how we connect medical devices, mobile and cloud computing to KIS 6?2) Do you have KAV set for automatic updates? External links[edit] Worm wriggles through Yahoo mail flaw Symantec Advisory This malware-related article is a stub.

View conversation · FameSchool Uno @JazzUno 30 Nov 14 #FameSchool “@oldmanebro: Aye ... Please try the request again. With the addition of Ajax functionality in many other Web applications, the problem is going to get worse before it gets better, he said. See these threads,http://forum.kaspersky.com/index.php?showtopic=16228http://forum.kaspersky.com/index.php?showtopic=160894) You are in the wrong forum, you should have posted in Protection for Home Users.Don might move this thread for you, so look for it there.Ron Ron,Sorry about

Technical Details The Yamanner worm activates by just opening an infected e-mail message with Internet Explorer. This blog entry over at the Washington Post seems to take the view that users of Yahoo Mail Beta (the AJAX version) are in fact not vulnerable to the critter. Invision Power Board © 2001-2017 Invision Power Services, Inc. Still not comfortable opening up the email ....Arnold Piston Ron 13.06.2006 07:50 QUOTE(arnoldmm @ 12.06.2006 23:27)Ron, I just was previewing this when I saw your follow up reply.I did not send

Yahoo Mail relied on a JavaScript function in connection with uploading images from a message to their mail server. Once discovered, such an opening is often shared with other hackers and several forms of attack materialize on the exposure at once. TonyW 14.06.2006 20:47 Whilst we all know it as Yamanner, KL may have a different name for it hence why we've missed it. Mail account.

The Yamanner worm didn't need an image to be included with a message to do its work. system, infecting the systems of those who opened the e-mails and sending the user's address book to a remote server. Ron, I just was previewing this when I saw your follow up reply.I did not send anything for analysis, I guess I should.WARNING: Malicious worm comes with the following subject 'New saso 14.06.2006 10:04 well i am not sure, normaly there are some dates and times when a virus is added to kav bases, there are however no dates and times here:http://www.kaspersky.com/viruswatchlite?search_virus=js.yamahowevwer

Removal Automatic action Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action. Systems affected include Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP, according to Symantec's advisory.