Pelican Parts Forums

Pelican Parts Forums (http://forums.pelicanparts.com/)
-   Off Topic Discussions (http://forums.pelicanparts.com/off-topic-discussions/)
-   -   e-mail virus/worm, Yahoo - "New Graphic Site." (http://forums.pelicanparts.com/off-topic-discussions/288139-e-mail-virus-worm-yahoo-new-graphic-site.html)

kach22i 06-13-2006 10:13 AM
e-mail virus/worm, Yahoo - "New Graphic Site."
 
FYI:

http://news.yahoo.com/s/nm/20060613/ts_nm/yahoo_virus_dc_7
Quote:
The e-mail virus, or worm, has been dubbed Yamanner and landed in Yahoo mailboxes bearing the headline "New Graphic Site." Once opened, the message infects the computer and spreads to other users listed in Yahoo users' e-mail address books, security experts said.

The e-mail containing the virus need only be opened -- in contrast to most worms that are hidden in attachments and require users to take an additional step -- to release the virus, according to computer security site Symantec Corp..

Joeaksa 06-13-2006 10:15 AM
I have gotten it almost 10 times in the last day. Norton or AVG has not seen nor found anything yet...

M.D. Holloway 06-13-2006 10:20 AM
what does the virus do?

kach22i 06-13-2006 10:40 AM
Quote:
Originally posted by LubeMaster77
what does the virus do?
No good I assume.

From the article:

Quote:
The Sunnyvale, California-based company advised users to update virus and firewall software on their computers and to block any e-mail sent from the address "av3@yahoo.com."..........Yamanner, first detected by Yahoo and major computer anti-virus software makers earlier on Monday, was ranked as having a low threat level by Trend Micro Inc. and McAfee Inc..........."The worm cannot run on the newest version of Yahoo Mail Beta," Symantec's site said.

Joeaksa 06-13-2006 11:12 AM
Every one of the emails I have received came from a Yahoo group. Am in various groups with Yahoo ranging from airplanes to cars and so on and it came directly from that source in my case.

RickM 06-13-2006 11:14 AM
I took the articles advice and blocked av3@yahoo.com. Not to say it can't come from another source.

JS.Yamanner@m is a worm that is written in JavaScript. It exploits a vulnerability in the Yahoo! Mail service to send a copy of itself to other Yahoo! Mail contacts.

Notes:

The worm cannot run on the newest version of Yahoo Mail Beta.

(Symantec) Rapid Release Definitions with sequence number of 55078 or greater are required to detect this threat.

Damage

Payload Trigger: n/a
Payload: n/a
Large scale e-mailing: <b>Sends a copy of itself to the user's Yahoo email contacts.</b>
Deletes files: n/a
Modifies files: n/a
Degrades performance: n/a
Causes system instability: n/a
Releases confidential info: n/a
Compromises security settings: n/a

kach22i 06-13-2006 11:23 AM
Quote:
Originally posted by RickM
I took the articles advice and blocked av3@yahoo.com. Not to say it can't come from another source.
Thanks for the idea, I just did it too, pretty easy if I can do it.:)

Joeaksa 06-13-2006 11:33 AM
If you are on any Yahoo (or other) groups, keep an eye on them as well. All of mine did not come from the av3@yahoo email address but forwarded through other Yahoo groups.


All times are GMT -8. The time now is 10:50 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website


DTO Garage Plus vBulletin Plugins by Drive Thru Online, Inc.