In association with heise online

26 September 2006, 12:30

Beware of Yahoo! Greeting Cards

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A new phishing scam using a fake greeting card notification message lures users to a spoofed site that contains a Trojan. The spoofed Yahoo! site hosts updated Web-Attacker VML exploit code. This example lures users to the site by claiming they have received a Yahoo! Greeting Card. The site downloads and installs an Internet Explorer Browser Helper Object that directs all HTTP posts from forms to a third party, and then collects information on end-users. The exploit is hidden in a 1x1-pixel iframe.

To date, there isn't an official patch from Microsoft fixing this security problem with VML, but users can protect themselves with an unofficial patch from ZERT. (Niels Bjergstrom)

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit