Yahoo Is Under Attack!
Published by: Codrut Nistor, in News
February6th2008
Just as Microsoft's offer to buy them wasn't enough, Yahoo also gets cornered by hackers. It's not cute, and it's also completely wrong what's happening, but that's life. After all, Yahoo may take advantage of the whole media exposure it gets these days, regardless this hacking issue. Well, before drawing the conclusions, I think it's better to find out more about Yahoo's latest flaw, don't you agree?
According to the guys at Symantec, an exploit for Yahoo! Music Jukebox was released yesterday, and their honeypots picked up people using this flaw. The good part is that all detected exploits are copies of the public one, but, according to the same source "it won’t take long before the exploit is wrapped in an encoder in an attempt to make detection more difficult, however".
It seems all problems Yahoo has with these exploits are due to ActiveX bugs (well, since this is a technology coming from Microsoft, I finally found one good reason for Yahoo to accept their offer - ActiveX and IE-related bugs may be fixed faster than now...or maybe not!), and an attacker can install various programs on the target machine, by using them.
Yahoo didn't comment on this issue yet, and I am sure they have more important problems to think about now. Anyway, as soon as we find out more about this topic...we'll be there to give you all the info we get!
According to the guys at Symantec, an exploit for Yahoo! Music Jukebox was released yesterday, and their honeypots picked up people using this flaw. The good part is that all detected exploits are copies of the public one, but, according to the same source "it won’t take long before the exploit is wrapped in an encoder in an attempt to make detection more difficult, however".
It seems all problems Yahoo has with these exploits are due to ActiveX bugs (well, since this is a technology coming from Microsoft, I finally found one good reason for Yahoo to accept their offer - ActiveX and IE-related bugs may be fixed faster than now...or maybe not!), and an attacker can install various programs on the target machine, by using them.
Yahoo didn't comment on this issue yet, and I am sure they have more important problems to think about now. Anyway, as soon as we find out more about this topic...we'll be there to give you all the info we get!
Loading ...
Want to add something? Post your comments