BitDefender Products Detect JS.Blackworm.A Yahoo Email Worm

June 2006


Proof of Concept Worm Harmless Now but Shows Potential for Real Danger

BitDefender╝, an award-winning provider of antivirus software and data security solutions, today announced that its customers can detect the new JS.Blackworm.A worm that has been able to spread through an unpatched vulnerability in Yahoo Mail.

The worm is written in Javascript and spreads by exploiting a vulnerability in the Yahoo e-mail system, potentially targeting more than 100 million worldwide Yahoo users. Users of the new beta version of Yahoo Mail are not affected by this worm. Once infected email has been opened, the worm automatically executes and attempts to send itself to all @yahoo.com or @yahoogroups.com addresses in the affected account's contact list.

The worm was designed only as "proof of concept" malware and does not contain a damaging payload. BitDefender provided customers with the ability to detect the worm as soon as it was found in the wild.

⌠This is a very well written worm that although harmless right now, opens a Pandora▓s Box for potential future Yahoo Mail-focused malware. The designer obviously has a great deal of understanding of web programming and this particular vulnerability, and is another example of criminal malware organizations using better trained designers,■ said Bogdan Dumitru, BitDefender▓s CTO. ⌠Again, BitDefender has shown that we are smarter than even the most gifted virus writer and our customers were safe from this vulnerability within minutes of it hitting the wild.■

For more information about the JS.Blackworm.A worm, visit: http://www.bitdefender.com/VIRUS-246957-en--JS.Blackworm.A.html


Share This ON: