Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
Users of Yahoo Instant Messenger are under threat from a worm that hijacks their Internet Explorer homepage and leads them to a site that puts spyware on their PCs. Researchers at anti-malware firm FaceTime Security Labs, who identified the threat, say that the yhoo32.explr worm puts its own browser called Safety Browser on their PCs, the first recorded incidence of malware installing its own web browser on a PC without the user's permission.
According to FaceTime researchers, because Safety Browser uses the IE icon, users can easily mistake it for Internet Explorer.
A FaceTime alert says the self-propagating worm spreads the infection
to Yahoo! Messenger contacts on the infected PC by sending a nefarious
website link during a conversation. The link leads to a website that
loads a command file onto the user’s PC and installs Safety Browser.
This spam over instant messaging (IM) is called spim. IM applications
and protocols are an increasingly popular vector to distribute
malicious files and executables.
"This is one of oddest and more insidious pieces of malware we have
encountered in years," said Tyler Wells, senior director of research at
FaceTime Security Labs. "This is the first instance of a complete web
browser hijack without the user's awareness. Similar 'rogue' browsers,
such as 'Yapbrowser', have demonstrated the potential for serious
damage by directing end-users to potentially illegal or illicit
material. 'Rogue' browsers seem to be the hot new thing among hackers."
The India research arm of FaceTime Security Labs discovered the threat
in a 'honeypot', a trap they set to detect viruses, worms, spyware and
other threats. Commentary on this threat by FaceTime Security Labs
researcher Chris Boyd can be found on the Greynets Blog, at
http://blog.spywareguide.com.
The malware infects the PC with two elements.
The first element is a web browser called "Safety Browser." This
stand-alone application has no uninstaller and disguises itself with an
Internet Explorer logo in some instances. The application also hijacks
the personal homepage in Internet Explorer and points users to Safety
Browser's homepage (demoplanet.tv). The hijack also plays looped music
that cannot be stopped when the user starts up the PC or Safety Browser.
The second element is the self-propagating worm. The worm propagates by
inserting a link into existing Messenger conversations on an infected
PC. When an infected user initiates or joins a conversation, a link is
inserted at random points in the conversation.
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
