Hackers have latched on to exploit code for the critical bugs in Yahoo Messenger, setting up 40 to 50 malicious Web sites to attack unsuspecting and unpatched, users.
Malware writers have picked up the exploit code, which was first publicly posted last week and have quickly gone to work with it.
The malicious code takes advantage of buffer overflow security issues in two ActiveX controls used in the instant messenger’s Webcam image upload and viewing.
The code is embedded in 40 to 50 Web sites. When someone who uses Yahoo Messenger visits one of these sites, the exploit drops down into the machine and then downloads either a Trojan backdoor or a keylogger, according to Websense.
Both the keyloggers and downloaders mainly are looking for passwords and banking information to send back to the hacker.
The original exploit code hit the Internet on June 6, the day after researchers at eEye Digital Security responsibly posted information about the Yahoo Messenger vulnerabilities on its Web site.
Yahoo was quick to release a fix for the vulnerabilities last Friday, just two days after the flaws were publicly disclosed.
The Internet Storm Center is advising users to upgrade to the latest (patched) version of Yahoo Messenger as soon as possible. The site also is giving “kudos” to Yahoo for getting the problem fixed so quickly.
If you want to find out all the latest news on tech why not subscribe to our RSS feed?
Leave a Reply