IM worm installs rogue browser

Written on May 22, 2006 – 11:02 am | by GoogleBot |

Safety last

Security researchers are warning of an instant messenger worm that installs a maliciously constructed browser onto compromised Windows PCs. The self-propagating worm, dubbed yhoo32-explr, installs a so-called “Safety Browser”. Users who install the software are directed to a site that loads spyware onto their PCs.

Yhoo32-explr spreads by sending links to a site that installs the Safety Browser to all an infected surfers’ Yahoo! Messenger contacts. Safety Browser uses the IE icon in a bid to dupe unsuspecting users.

Once installed, Safety Browser hijacks the personal homepage in Internet Explorer and directs it towards the Safety Browser homepage (actually a site loaded with spyware). It also plays looped music that can’t be stopped.

Full story: The Register

Related Posts

Post a Comment

Comment spam protected by SpamBam

About this site

Welcome to Techbeta. Techbeta is a site focussed on tech news, and freeware/open source software for Windows, Mac OS X, Pocket PC and Linux. More

Want to subscribe?

 Subscribe in a reader Or, subscribe via email:
Enter your email address:  
Find entries :