Yahoo! Tackles Worm Problem, Issues Warning to Users
Article by George Norman
On 06 May 2010
Yahoo! Messenger users may have noticed that a rather annoying spam campaign has targeted the popular instant messaging application. You would just go about your day, when someone in your contacts list would send you a message – the message was a link to what appeared to be a photo. If you were to click the link, you would be directed to a website – and on that website you would be prompted to download a file that seemed like a JPG file.

It wasn’t much of a trick. In the file’s name the letters JPG were included, but the actual extension was not JPG, it was .EXE. A weary user would have noticed that they are not asked to download a JPEG file but an executable file. An executable file that could be anything – a virus, a Trojan, anything.


As it turns out, the executable was a worm, a variant of Palevo. Furhtermore, it turns out that some users did not pay attention to what they were asked to download. Quite a few downloaded the worm, which upon compromising their computers, started spamming Yahoo! Messenger users in their contact list.

Razvan Livintz, on behalf of BitDefender, explains what happens once the worm compromises the user’s computer: “Having an unprotected system infected with Palevo.DP is a synonym for mayhem. First and foremost, the worm creates several hidden files in the Windows folder and modifies some registry keys to point towards these files in order [to] annihilate the OS' firewall. As its siblings, Palevo.DP holds a backdoor component, which allows remote attackers to seize control over the compromised computer and do whatever they want with it – from installing additional malware and swiping files to launching spam campaigns and malware offensive on other systems.”

Thyaga Vasudevan, Product Manager on the Yahoo! Messenger team, announced that Yahoo! detected this issues and worked to resolve the situation. Vasudevan also gave Yahoo! Messenger users some common sense advice: do not click on suspicious links you receive, do not download executable files, and use a genuine, up-to-date antivirus application to protect your system.

“We recommend that any Yahoo! Messenger user who receives a suspicious IM containing a link should first IM the friend to ensure the message is legitimate before moving forward. We strongly advise users to not download executable (.exe) files that are sent through Yahoo! Messenger. Also, we recommend that users that have anti-virus software on their computer employ the latest anti-virus updates,” commented Vasudevan.

In related news, Adobe has recently announced that a spam campaign is making the rounds online, using its name to trick users (read more here).

Tags: Yahoo!, Yahoo! Messenger, Worm, Palevo, Security
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Yahoo! Tackles Worm Problem, Issues Warning to Users
HTML Linking Code