Yahoo Messenger malicious worm identified

Worm

A new cyber threat is targeting Yahoo Messenger users and attempting to download a worm onto their systems, Symantec has warned.

Targets are sent instant messages from contacts in their list which contain a link supposedly taking the user to a photo, the data security firm explained in a blog.

In reality, once clicked the link will direct them to the worm executable. For it to be activated, the worm still requires the user's action to open or run the file.

Once up and running, the worm adds itself to the Windows Firewall List and stops the Windows Updates service, while ensuring it activates every time the system boots.

Then it seeks to propagate by locating Yahoo Messenger and sending links to the worm out to everyone on the contact list.

"It may also download and execute other malicious files," Symantec warned.

"We recommend Yahoo! Messenger users to be especially careful with what types of files they are opening, and be cautious with links received even from well known and trusted contacts. Many times becoming a victim can be avoided just by asking the contact who sent the link whether it's real or not."

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.