BitDefender Products Detect JS.Blackworm.A Yahoo Email Worm

June 2006

Proof of Concept Worm Harmless Now but Shows Potential for Real Danger

BitDefender, an award-winning provider of antivirus software and data security solutions, today announced that its customers can detect the new JS.Blackworm.A worm that has been able to spread through an unpatched vulnerability in Yahoo Mail.

The worm is written in JavaScript and spreads by exploiting a vulnerability in the Yahoo e-mail system, potentially targeting more than 100 million worldwide Yahoo users. Users of the new beta version of Yahoo Mail are not affected by this worm. Once an infected email has been opened, the worm automatically executes and attempts to send itself to all of the addresses in the affected account's contact list.

The worm was designed only as "proof of concept" malware and does not contain a damaging payload. BitDefender provided customers with the ability to detect the worm as soon as it was found in the wild.

"This is a very well written worm that, although harmless right now, opens a Pandora's Box for potential future Yahoo Mail-focused malware. The designer obviously has a great deal of understanding of web programming and this particular vulnerability, and is another example of criminal malware organizations using better trained designers," said Bogdan Dumitru, BitDefender's CTO. "Again, BitDefender has shown that we are smarter than even the most gifted virus writer and our customers were safe from this vulnerability within minutes of it hitting the wild."

For more information about the JS.Blackworm.A worm, visit:
