Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: MailBag Response info about yhoo32-explr, IM malware SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MailBag Response info about yhoo32-explr, IM malware
We had an inquiry requesting additional information about a SANS NewsBites story (SANS Computer Security Newsletters and Digests) about yhoo32-explr, IM malware. Following up on the NewsBites item for the ISC contributor lead to the following information that might be of interest.

In discussing the actions of yhoo32-explr, FaceTime Security Labs researcher Chris Boyd says (at the blog) "That's not all - a file is placed on the PC which contacts a URL firing off continually modified commands for the infection. They can change the infection message and the method of infection on the fly. Tailor made messages designed for Yahoo IM, Internet-based chat and IRC? You got it. It even randomly overtypes some of your IM messages as you hit the send button.".

Source information at here.

NewsBites item here Worm Spreads Through Yahoo Messenger (22 May 2006)

193 Posts
May 26th 2006

Sign Up for Free or Log In to start participating in the conversation!