Yahoo IM Worm Hijacks Browsers, Plays Migraine Music - InformationWeek
IoT
IoT
News
News
5/22/2006
03:26 PM
50%
50%
RELATED EVENTS
[Cyberattacks] Using Data as Your First Line of Defense
Aug 10, 2017
Attend this webinar to learn how you can determine which threats pose the greatest danger to your ...Read More>>

Yahoo IM Worm Hijacks Browsers, Plays Migraine Music

A worm running through Yahoo's instant messaging network is installing a browser of its own--a first for IM malware. The browser leads users to adware and spyware sites, several security firms said Monday.

A worm running through Yahoo's instant messaging network is installing a browser of its own -- a first for IM malware -- that leads users to adware and spyware sites, several security firms said Monday.

The worm, dubbed "Yhoo32.explr" by IM security vendor FaceTime Communications on Friday and "Browaf" by Symantec on Monday, is installed when Yahoo users click on a malicious link embedded within an instant message.

Yhoo32.explr downloads and installed the so-called "Safety Browser," which adds an IE-like icon to the desktop, and when used, takes the unsuspecting to sites where their PCs are infected with adware and spyware. The worm also changes the home page of IE to point to Safety Browser's site.

To complicate things, Safety Browser doesn't post an Uninstall option in Windows' Add or Remove Programs Control Panel applet.

"This is one of oddest and more insidious pieces of malware we have encountered in years," said Tyler Wells, senior director of research at FaceTime, in a statement.

"This is the first instance of a complete web browser hijack without the user's awareness. Similar 'rogue' browsers, such as 'Yapbrowser', have demonstrated the potential for serious damage by directing end-users to potentially illegal or illicit material. 'Rogue' browsers seem to be the hot new thing among hackers."

Along with the bogus browser, the worm makes the PC blare out screeching music thick with bad guitar licks and drum solos. The headache-inducing noise plays every time the computer boots or Safety Browser launches.

Anti-virus vendors, such as Symantec, are working on signatures to detect the new Yahoo IM worm; FaceTime said that has already it updated its customers' software.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll