All the latest UK technology news, reviews and analysis
|
|
|
21 May 2006
Security researchers have identified an "insidious" threat affecting Yahoo Messenger.
A self-propagating worm, named yhoo32.explr, installs a piece of software called 'Safety Browser' and then hijacks the Internet Explorer homepage, leading users to a site that puts spyware on their PCs.
Because Safety Browser uses the Internet Explorer icon to identify itself, users can easily mistake it for the legitimate Microsoft browser.
This is the first recorded incidence of malware installing its own web browser on a PC without the user's permission, according to security firm FaceTime.
The self-propagating worm spreads the infection to all contacts in Yahoo Messenger by sending a website link that loads a command file onto the user's PC and installs Safety Browser.
"This is one of oddest and more insidious pieces of malware we have encountered in years, and the first instance of a complete web browser hijack without the user's awareness," said Tyler Wells, senior director of research at FaceTime Security Labs.
"Similar 'rogue' browsers, such as 'Yapbrowser', have demonstrated the potential for serious damage by directing end-users to potentially illegal or illicit material. 'Rogue' browsers seem to be the hot new thing among hackers."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Desktop Deployment Support Analyst (Worksite, SQL...
Project Manager is required by Bank in Germany Suitable...
Mobile & Social Media Application Web Developer...
CCVP Consultant - Telecoms Cisco Certified Voice Professional...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
just another windows threat
oh well ...it's number 114513 or 114514 ..oh, hack, i lost count ... buy a mac, forget windows, forget bill gates, forget viruses, trojans and worms ... and yahoo messenger for mac is a lot more stylish ;)
Posted by: Andrei Stoleru 16 Sep 2006
Another IE hi-jack.
It does not install a whole new web browser on the victims PC. It installs an Internet Explorer theme.
Posted by: Say 23 May 2006
Facing the same problem
I am facing the same problem but now how to get rid of this.
Posted by: Rahul Raizada 23 May 2006
INSTANT MESSENGER THREAT
Good morning It is 5.40 am here in Perth and I want to thank you for this warning. I use IM quite a lot and would be devastated should this virus attack Regards Jean (Rimmer)
Posted by: Jean Rimmer 22 May 2006