[Ansteorra] New Graphic site virus....

Michael Silverhands silverhands at sbcglobal.net
Tue Jun 13 21:44:31 PDT 2006

On Jun 13, 2006, at 10:06 PM, caladin wrote:

> Can anyone tell me the name of the virus, it came up in my mozilla
> preview pane and norton seems to
> be unaware of it.. I'd like to make a targeted scan,
> Thanks,
> Caladin

It's a new worm, which appeared yesterday morning. It exploits a  
JavaScript vulnerability in Yahoo!Mail (i.e., it only affects you if  
you are reading these messages using their web-based reader). It  
doesn't appear to affect anyone else (i.e., if you are reading these  
messages using Outlook [Windows] or Mail [Mac], etc.).

It carries its payload as an attachment. If you don't open the  
attachment, it does nothing. If you delete it unread, it does  
nothing. If you open the attachment *while using Yahoo!Mail*, then it  
harvests your Yahoo!Mail address book and sends itself to everyone in  
that list (and sends the list of addresses to a spammer). It makes  
itself appear to be sent randomly from one of those known-good  

Here's more information about it:

Bottom line: all y'all, delete every message with the subject "New  
Graphic Site", unread.

Michael Silverhands

More information about the Ansteorra mailing list