New IM Worm Installs Own Web Browser

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#1
A new IM worm takes the novel step of installing its own web browser onto the victims PC. Ironically titled "The Safety Browser", its default settings actually make your PC less secure - switching on pop-ups, changing your home page and hijacking your desktop with a looped music track that plays every time you switch your computer on. It's clear people cannot resist clicking "yes" to anything they're presented with via IMYahoo:
Messenger worm turns on IE

One of the ‘oddest and most insidious pieces of malware’

Researchers have identified an "insidious" threat affecting Yahoo Messenger. A self-propagating worm, named yhoo32.explr, installs a piece of software called 'Safety Browser' and then hijacks the Internet Explorer homepage, leading users to a site that puts spyware on their PCs.

Because Safety Browser uses the IE icon to identify itself, users can easily mistake it for the legitimate Internet Explorer. This is the first recorded incidence of malware installing its own web browser on a PC without the user's permission, according to security firm FaceTime.

The self-propagating worm spreads the infection to all contacts in Yahoo! Messenger by sending a website link that loads a command file onto the user's PC and installs Safety Browser.

"This is one of oddest and more insidious pieces of malware we have encountered in years," said Tyler Wells, senior director of research at FaceTime Security Labs.

"This is the first instance of a complete web browser hijack without the user's awareness. Similar 'rogue' browsers, such as 'Yapbrowser,' have demonstrated the potential for serious damage by directing end-users to potentially illegal or illicit material. 'Rogue' browsers seem to be the hot new thing among hackers."
 
Elsmar Forum Sponsor
J

jaimezepeda

#2
Not on my Mac

This is why I am sooooooo glad I switched to a Mac last year. I still have to use an IBM ThinkPad at work. However, the IT guys at work take care of it. At home I only use my Mac.

Jaime
 
S

sameoldflame

#3
jaimezepeda said:
This is why I am sooooooo glad I switched to a Mac last year. I still have to use an IBM ThinkPad at work. However, the IT guys at work take care of it. At home I only use my Mac.

Jaime
and i am glad i'm using trillian which allows me to connect to different im-systems with just one program. just using it for connction to icq and msn though so that's the main reason the IMyahoo worm won't affect me :)
 

Jim Wynne

Staff member
Admin
#4
sameoldflame said:
and i am glad i'm using trillian which allows me to connect to different im-systems with just one program. just using it for connction to icq and msn though so that's the main reason the IMyahoo worm won't affect me :)
The worm won't affect anyone who doesn't ask for it. In this case, you ask for it by clicking on a link in a message that appears to be from someone you might know. Never open attachments you aren't expecting, and never click on links in messages (IM or e-mail) unless you're sure of the source.
 
S

sameoldflame

#5
Jim Wynne said:
The worm won't affect anyone who doesn't ask for it. In this case, you ask for it by clicking on a link in a message that appears to be from someone you might know. Never open attachments you aren't expecting, and never click on links in messages (IM or e-mail) unless you're sure of the source.
thank's you reminded me of the oldest of all "avoid viruses and other bad stuff rules". so with my paranoia i'm almost absolutely safe ;)
 
Thread starter Similar threads Forum Replies Date
Marc Storm gets a Rootkit - Storm Worm Continues to Morph After Work and Weekend Discussion Topics 1
Jim Wynne Beware of e-card invitations - The misnamed Storm Worm bot After Work and Weekend Discussion Topics 35
D We had a worm or virus hit our network yesterday - a.exe worm After Work and Weekend Discussion Topics 7
Marc BlackAngel.B worm spreading via Microsoft's MSN Messenger After Work and Weekend Discussion Topics 8
Marc Yahoo email worm can infect without clicking attachments After Work and Weekend Discussion Topics 0
Marc Worm set to Delete data files on February 3 After Work and Weekend Discussion Topics 4
Jim Wynne Worm Alert - How to avoid computer worms and viruses After Work and Weekend Discussion Topics 4
J Santy worm affects PHP bulletin boards After Work and Weekend Discussion Topics 1
E Did the Blaster Worm get YOU? After Work and Weekend Discussion Topics 56
Marc I LOVE YOU worm - Makin' the rounds After Work and Weekend Discussion Topics 7
K Should APQP/PPAP has its own section in a QM? Quality Management System (QMS) Manuals 1
P New Global HQ Suggestions for Virtual manufacturing/own brand labelling of medical devices? EU Medical Device Regulations 4
M Who needs a MDEL? How to buy and sell medical devices on my own Canada Medical Device Regulations 14
J Create your own symbol? Other Medical Device Related Standards 7
L Contracted Manufacture Company wanting to be able to design and manufacture own product. 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 7
S 510k: What to include if your own device is the predicate US Food and Drug Administration (FDA) 5
M Software Development Company - Who would own the whole process and the certification afterwards? ISO 14001:2015 Specific Discussions 1
K ISO 17025:2017 clause 7.6.2 - Performing calibration of its own equipment shall evaluate the measurement uncertainty ISO 17025 related Discussions 6
C Can You Internally Audit a Process You Own? Internal Auditing 25
S Calibrating our own equipment, can we? Micrometers to calibrate vernier calipers General Measurement Device and Calibration Topics 13
A Validating my own application developed with Agile Qualification and Validation (including 21 CFR Part 11) 5
U Own Procedure was not effectively implemented Problem Solving, Root Cause Fault and Failure Analysis 3
V Who should define and own the Design and Development Plan and how to maintain the updates and revisions. ISO 13485:2016 - Medical Device Quality Management Systems 2
E Informational Internal Audits - Wear multiple hats what can and can't I audit (so I'm not auditing my own work) Internal Auditing 149
C Can we be our own EU authorised representative? EU Medical Device Regulations 34
N Own brand labelling/virtual manufacture of IVD's EU Medical Device Regulations 2
N How to obtain Own Brand Label (OBL) CE Marking? EU Medical Device Regulations 18
K Nonconformance on training - Not following own processes (IATF 16949) Internal Auditing 14
V Own foreign manufacturing facilities declared as sub-contractors ISO 13485:2016 - Medical Device Quality Management Systems 5
A 3D Printing concept in airline to manufacture its own aircraft cabin parts EASA and JAA Aviation Standards and Requirements 3
F AEMPS (Spain) Registration - Medical Devices - We do not own the products we make EU Medical Device Regulations 2
B Procedure Pack - KIT - Each has its own CE Mark CE Marking (Conformité Européene) / CB Scheme 6
S OBL (Own Brand Labeling) - Full Quality to Production Quality EU Medical Device Regulations 5
B Submit a Special 510(k) or "Documentation by our own" 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
A Selling our own class 1 (EU) devices worldwide - Who is responsible for registration? Other Medical Device Regulations World-Wide 7
B Own Brand Labelling and Distributors - Self Test IVD's EU Medical Device Regulations 3
L ISO 13485 and OBL (Own Brand Label) Agreement EU Medical Device Regulations 20
S Internal Auditors shall not audit their own work? Internal Auditing 21
L Build own Power Magnetic Field Test Equipment for IEC 61000-4-8 IEC 60601 - Medical Electrical Equipment Safety Standards Series 6
P OBL (Own Brand Labelling) - Technical Files/Risk Management ISO 13485:2016 - Medical Device Quality Management Systems 3
L Building your own Leakage Current Tester IEC60990 Other US Medical Device Regulations 4
P OBL (Own Brand Label) - Annex III ? EC Type Examination EU Medical Device Regulations 2
A EC Certification Process and Time Frame for Own Brand Labeling Medical Devices EU Medical Device Regulations 4
E "Internal" CAPA (Audit Nonconformance) Issuance to your own Department Nonconformance and Corrective Action 4
R Auditors can NOT audit their own work audit finding Internal Auditing 17
V Own Brand Labeling Agreement/Contract Review ISO 13485:2016 - Medical Device Quality Management Systems 5
M IEC 60601-1 testing for device with its own 2V battery power supply necessary? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
D State Past Due on its own Meter Inspection ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
Richard Regalado BYOD (Bring Your Own Device) Policy by UK Information Commissioner's Office IEC 27001 - Information Security Management Systems (ISMS) 0
T Can I approve my own Documentation per FDA QSR 21 CFR Part 820? ISO 13485:2016 - Medical Device Quality Management Systems 1

Similar threads

Top Bottom