Techtree.com India > News > Internet > New Yahoo! IM Worm Emerges FYI

This time it’s the Yahoo! Instant Messenger (IM) users who are under threat from a new worm that installs a rogue Web browser called “Safety Browser,” and hijacks the user’s Internet Explorer homepage.

Researchers from FaceTime Security Labs, a seller of instant messaging security products, who first identified the threat, have dubbed this first-of-its-kind worm as “yhoo32.explr” that was found on the Yahoo! IM network about two weeks ago.

According to the researchers, this is the first recorded incidence of malware installing its own Web browser on a PC, without the user’s permission. The worm drops the “Safety Browser” on the user’s PC. The Safety Browser uses the same icon as Microsoft’s IE Web browser, and when opened, takes users to a special home page called Demoplanet that installs spyware on the PC. The icon randomly changes to the Internet Explorer icon, and also urges the user to click on a series of advertisements to further fool users, which in turn installs more spyware and adware on their PCs.