June 14th, 2006, 01:01 AM
First time I have seen this
It seems yahoo mail has been the target of a virus attack. What makes this unique is the fact that the virus actually grabs the yahoo address book and appears to be java based. Seems like something news worthy to me anyway, I'm suprised this hasnt got more press than it has.
June 14th, 2006, 02:00 AM
It's actually been errr... obvious for a few days... Bugtraq etc... Heck, I've even had my users "warn" me about it... But heck, you can't catch them all before anyone else...
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
June 14th, 2006, 03:04 AM
Ok, correct me if I'm understanding this wrong, but it seems the damage from this attack is that you would end up on some spammer's list. Is that right?
For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
(Romans 6:23, WEB)
June 14th, 2006, 05:50 AM
Not from what I have read, but I might not have all the info about it. From what I have found out on Secunia, the worm/malware is just using yahoo mail to spread it self to other yahoo mail addresses. Its an educated guess that it is still under developement and there is no telling what payload might be added to future variants. Currently all it does is redirect the browser and mail all yahoo addresses in the mailboxes address book apon infection.
This little nasty has the potential to take the "safety net" aspect out of web based email clients, like yahoo or gmail, which as we all know employees every where access from office networks. Hopefully the AV companies and mail hosts are on the ball and stop the next "wave" before a real payload is launched.