Just a quick warning to readers, if you visit Yahoo UK's site this morning it seems like some part of their website or advertising has been infected with a Trojan/Worm.
Every time I reload one of their pages the website attempts to send a 'JS/Tivso.14a.gen' Trojan infection to my computer, I tried with a couple of other computers and it's the same thing, luckily NOD32 picks up and eliminates the threat without any problems.
I've been mostly viewing the http://uk.news.yahoo.com domain and a quick hunt for information on the Trojan confirmed that it seems to be a modern website based variant of the 'W32.Feebs.J@mm' worm.
So steer clear of the Yahoo site today folks and take note that I believe the infection may be part of an advert that may have also cropped up with the same problem on ZDNet UK once this morning.
Every time I reload one of their pages the website attempts to send a 'JS/Tivso.14a.gen' Trojan infection to my computer, I tried with a couple of other computers and it's the same thing, luckily NOD32 picks up and eliminates the threat without any problems.
I've been mostly viewing the http://uk.news.yahoo.com domain and a quick hunt for information on the Trojan confirmed that it seems to be a modern website based variant of the 'W32.Feebs.J@mm' worm.
W32.Feebs.J@mm is a mass-mailing worm that also spreads through file-sharing networks and lowers security settings on the compromised computer.
Symptoms
Starts a local Web server.
Sends a copy of itself to email addresses gathered from the compromised computer.
Sends confidential information to a remote attacker.
Modifies firewall settings.
Subject of email: Varies
Name of attachment: Varies
Ports: TCP Port 80.
So steer clear of the Yahoo site today folks and take note that I believe the infection may be part of an advert that may have also cropped up with the same problem on ZDNet UK once this morning.























