1. Symantec/
  2. Security Response/
  3. JS.Yamanner@m


Risk Level 2: Low

June 12, 2006
June 12, 2006 12:51:44 PM
Also Known As:
JS/Yamanner@MM [McAfee], JS_YAMANER.A [Trend], Yamanner.A [F-Secure], JS/Yamann-A [Sophos], Yamanner.A [Computer Associates]
Systems Affected:
JS.Yamanner@m is a worm that is written in JavaScript. It exploits a vulnerability in the Yahoo email service to send a copy of itself to the user's Yahoo email contacts.

The worm cannot run on the newest version of Yahoo Mail Beta.

The worm arrives on the compromised computer as an HTML email containing Javascript. The email may have the following characteristics:
From: Varies
Subject: New Graphic Site
Message body: Note: forwarded message attached.

It exploits a vulnerability in the Yahoo email service to run a script and send a copy of itself to certain email addresses gathered from the Yahoo email folders.

The worm targets email addresses from the @yahoo.com and @yahoogroups.com domains.

The worm may also contact the following URL:

It sends a list of email addresses gathered to the above URL.
Summary| Technical Details

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube