Threat Description

Yamanner.A

Details

Aliases:Yamanner.A, JS/Yamanner@MM, Email-Worm.JS.Yamanner.a
Category:Malware
Type:Worm
Platform:JS

Summary



Yamanner is a JavaScript worm that targets Yahoo! web-based e-mail and groups.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You also may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details



The Yamanner worm activates by just opening an infected e-mail message with Internet Explorer. To do this it uses a 0-day vulnerability in the Yahoo! Mail system.

Yamanner builds its e-mail messages and sends them to the infected user's contacts. The sent e-mails look as follows:

  • Subject: New Graphic Site Body: Note: forwarded message attached.

The worm resides inside the e-mail body. It also tries to open a web page in another browser window.



Detection


F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC
Database: 2006-06-13_02




SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More