« Is SpywareGuard 2.2 still useful for computer protection? | Blog Home | Ad-Aware Definitions Update »

Yahoo messaging worm installs bogus browser

May 22, 2006: Malware writers have created a new worm that installs a new browser and plays screeching music.

The trouble starts with a link apparently sent by a friend in Yahoo's instant messaging program.

Instant messaging security company FaceTime Communications Inc. described the malware, which it called yhoo32.explr, as "insidious" in a security advisory Friday.

When the link is clicked, a worm installs the so-called Safety Browser, a program that leads the user to pages mined with adware and viruses, FaceTime said. The Safety Browser uses an Internet Explorer logo to make it look more legitimate.

Malware spread through instant messaging programs is on the rise. However, FaceTime said this malware appeared to be the first to install a browser without the user's permission.

The bug also hijacks Internet Explorer's home page, directing users to the Safety Browser's Web site.

After it is launched, the worm sends itself to others on the user's instant messaging contact list.

The malware is engineered to overwrite instant messages typed by a user, FaceTime said. The infected message can also be changed on the fly, it noted.

The screeching music, however, is blocked by Microsoft Corp.'s Windows XP Service Pack 2, FaceTime said.

Internet Security 2008 - Windows Vista Certified

Posted by Wiz on May 22, 2006 3:46 PM |

Spyware Doctor is a multi-award winning spyware removal utility that detects, removes and protects your PC from thousands of potential spyware, adware, Trojans, keyloggers, spybots and tracking threats.

Spyware Doctor
Spyware Doctor utilizes a sophisticated database of malware infections to detect and remove malware from your computer. The database currently incorporates over 50,000 signatures. Multiple databases are released each week, assisting you to keep your system free of new infections.

Spyware Doctor is fully capable of detecting and removing hidden processes associated with complex threats and rootkits. Such threats are otherwise difficult to remove by conventional means since they may be hidden to the operating system.

A Startup Scanner removes references to malicious programs that run at startup in the registry and Windows startup files, as well as malicious files in Windows startup locations.

State-of-the-art scanning engines, including file scan, memory scan, registry scan, browser helper objects scan, cookie scan and much more.

Add to Technorati Favorites

Search


MailWasher Pro is a POP3 email client spam filter

Recent Posts

Popular Posts

Categories

Wizcrafts main pages

Wizcrafts Home Page
Security Alerts
Frequently Asked Questions
Website Hosting Solutions
Links and Resources
MailWasher Pro Spam Filter
Networking Fundamentals
About Computer RAM & Upgrades
Webmaster Services
Wizcrafts' Site Map

Anti-Spyware websites

Windows Live OneCare Safety Scanner
ZoneAlarm Pro Firewall
AVG Free Anti Virus/Spyware
US-CERT.gov
AboutBuster
CWShredder
Spybot Search & Destroy
Spyware Blaster
Ad-Aware Personal
SiteAdvisor Toolbar
Strider URL Tracer
Windows Defender
Rogue Anti-Spyware list
HijackThis
A-squared HiJackFree
A-squared Trojan remover

Spyware Removal Forums

AboutBuster Support Forums
CastleCops Forums
Safer Networking Forums
SpywareWarrior Forums
Spywareinfo Forums
MajorGeeks Forums
TomCoyote Forums
Wilders Security Forums
Bleeping Computer HijackThis Logs and Analysis
Bleeping Computer Spyware Removal Guides
A-Squared Malware Removal Forums
AVG-Free Self Help Forums

Archives

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.36

Start your blog today