Promo: B.Sc. Info Systems, Trinity
IT workers face the challenge of developing their communications, business and management skills.
» more
The crunch crushes the IT sector?
Whilst numbers take a tumble on stock markets IT managers will be forced to recalculate.
» more
Web Pick: Live Mesh Tech Preview
This online app will provide you with a whole lot of peace of mind for that day your PC dies.
» more

SECURITY

IM worm installs rogue browser

23-05-2006

by Silicon.com

A new instant messaging worm installs a rogue web browser called "Safety Browser" and hijacks the user's Internet Explorer homepage, experts have warned.

The worm, dubbed "yhoo32.explr" by FaceTime Security Labs, was found two weeks ago on the Yahoo instant messaging network and was still active as of Friday, Tyler Wells, senior director of research at FaceTime, a seller of IM security products, said in an interview.

The worm drops the "Safety Browser" on the target's machine. The rogue browser uses the same icon as Microsoft's IE web browser and, when opened, takes users to a site that installs spyware on the PC, FaceTime said. The company said in a statement: "This is the first recorded incidence of malware installing its own web browser on a PC."

The pest also sets the victim's IE homepage to Safety Browser's website and plays looped music that cannot be stopped, FaceTime said. Additionally, when installed the worm sends itself to all of the infected user's contacts, the security company said.

The new threat arrives as a link in a message box on the target's PC. The link may also say "Goat_Ensem Bot" with a smiley. After someone clicks the link, at least one warning will be displayed to tell the user that software is about to be downloaded or installed and that this may be malicious, Wells said.

Researchers at FaceTime discovered the pest after it hit on one of their test machines. These PCs are connected to instant messaging networks and typically logged in to chatrooms, which are often the starting point for new IM worms.

IM users can protect themselves against this and many other IM threats by not clicking on unexpected or unsolicited links.

Joris Evers writes for CNET News.com.

Reprinted with permission from Silicon.com

Click here to make ENN your home page

VIDEO REVIEW

Dell not dull; sees red
Dell adds a splash of colour to its latest laptop range, but is this enough, or do consumers want an edgier look? » Read more

ENN CORPORATE

Complete copywriting services
Do you need skilled writers to put together compelling prose for your company? Why not check out the new-look corporate services site from ENN and see how we can put our skills to your use. » Read more

<a href='http://openx.enn.ie/www/delivery/ck.php?n=af6c6082&cb=INSERT_RANDOM_NUMBER_HERE' target='_blank'><img src='http://openx.enn.ie/www/delivery/avw.php?zoneid=5&cb=INSERT_RANDOM_NUMBER_HERE&n=af6c6082' border='0' alt='' /></a>
<a href='http://openx.enn.ie/www/delivery/ck.php?n=a5c6ffca&cb=INSERT_RANDOM_NUMBER_HERE' target='_blank'><img src='http://openx.enn.ie/www/delivery/avw.php?zoneid=6&cb=INSERT_RANDOM_NUMBER_HERE&n=a5c6ffca' border='0' alt='' /></a>
<a href='http://openx.enn.ie/www/delivery/ck.php?n=a7dee0d0&cb=INSERT_RANDOM_NUMBER_HERE' target='_blank'><img src='http://openx.enn.ie/www/delivery/avw.php?zoneid=7&cb=INSERT_RANDOM_NUMBER_HERE&n=a7dee0d0' border='0' alt='' /></a>

Not a member yet?
Sign up free, click here
To change your ENN Newsletter and alerts preferences here

WHO'S WHO IN PR

Full listing of Irish PR firms, including high-tech specialists. » Click here

Promo: B.Sc. Info Systems, Trinity

The crunch crushes the IT sector?

Web Pick: Live Mesh Tech Preview