Yahoo Inc., the world’s largest provider of e-mail services, said on Monday that a software virus aimed at Yahoo Mail users had infected “a very small fraction” of its base of more than 200 million accounts.
The e-mail virus, or worm, has been dubbed Yamanner and landed in Yahoo mailboxes bearing the headline `New Graphic Site’. Once opened, the message infects the computer and spreads to other users listed in address books, security experts said.
The e-mail containing the virus need only be opened – in contrast to most worms that are hidden in attachments and require users to take an additional step — to release the virus, according to computer security site Symantec Corp. The Sunnyvale, California-based company advised users to update virus and firewall software on their computers and to block any e-mail sent from the address av3@yahoo.com.
“We have taken steps to resolve the issue and protect our users from further attacks of this worm,” Yahoo spokeswoman Kelley Podboy said in a statement. The worm cannot run on the newest version of Yahoo Mail Beta,” Symantec’’s site said.
The worm exploits a vulnerability in Javascript technology used to make the mail program easier to use by triggering embedded HTML scripts to run in the computer user’s browser. The e-mail addresses are also sent to a remote online computer server, which may be used to run spam campaigns, experts said. The technical name of the worm goes by variants of Yamanner.