Yahoo Mail Virus

Yahoo Inc, the world’s largest provider of email services, says a software virus aimed at Yahoo Mail users had infected “a very small fraction” of its base of more than 200 million accounts.

The email virus, or worm, has been dubbed Yamanner and landed in Yahoo mailboxes bearing the headline “New Graphic Site.”

Once opened, the message infects the computer and spreads to other users listed in Yahoo users’ email address books, security experts said.

The email containing the virus need only be opened – in contrast to most worms that are hidden in attachments and require users to take an additional step – to release the virus, according to computer security site Symantec Corp.

The Sunnyvale, California-based company advised users to update virus and firewall software on their computers and to block any email sent from the address “av3zyahoo.com.”

“We have taken steps to resolve the issue and protect our users from further attacks of this worm,” Yahoo spokeswoman Kelley Podboy said in a statement.

“When we learn of email abuse, such as a worm or other online threat, we take appropriate action,” she said.

“(A) solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the user.”

Yamanner, first detected by Yahoo and major computer anti-virus software makers on Monday, was ranked as having a low threat level by Trend Micro Inc and McAfee Inc.

But Symantec considers the worm an “elevated threat,” one step up from the lowest ranking in terms of relative danger.

Symantec’s Security Response site suggested Yahoo Mail users might protect themselves by upgrading to the latest test version of the recently upgraded Yahoo Mail software.

“The worm cannot run on the newest version of Yahoo Mail Beta,” Symantec’s site said.

A Yahoo spokesman was not immediately available to comment on whether the company advised users to do this.

The worm exploits a vulnerability in Javascript technology used to make the mail program easier to use by triggering embedded HTML scripts to run in the computer user’s browser.

The email addresses are also sent to a remote online computer server, which may be used to run spam campaigns, experts said. The technical name of the worm goes by variants of “JS.Yamanner.”

  • Rick Allen

    Help! This thing as sent e-mails to everyone in my address book. I need to speak with someone at Yahoo to see what I need to do to return to normal usage.

    Current score: 0
  • Marcus

    This has infected my yahoo mail as well. I have removed all of my contacts but they are still getting the spam links. This tells me that my contact email addresses have been harvested and are active elsewhere. Would be nice if someone would fix this!

    Current score: 0
  • James

    I have had this problem also for the last 2 months.

    Does anyone know how you can actually contact yahoo to get help on this ?

    This happens only in windows, when I log into yahoo mail it will send out mail with malicious links to webpages to people in my address book.

    I HAVE tried several anti malware and antivirus programs and none of them picks up anything.

    Luckily this doesn’t seem to affect linux so I’ve been using yahoo mail on linux. It is just annoying having to reboot into linux just to send emails and I don’t want to have to reinstall windows just to fix this.

    Current score: 0
  • http://yahoo.com Patti Abel

    My email account has someone obtained and a virus and has been to send out a series of emails to others in my contact list. How do I stop this?

    Current score: 0
  • Chritina

    Please, Help me!!! My friends are calling me that they are receiving e-mails that I haven’t sent!! It seams that these e-mails reach to all my contacts!!
    Could you help me please?

    Current score: 0
  • Diane Parsonnet

    Your article says: “(A) solution has been automatically distributed to all Yahoo Mail customers, and requires no additional action on the part of the user.” Yet my contacts are still having problems and can not delete the virus. What has been done and what can I do to help them???

    Current score: 0