You Are Here: Home » E-Threats » Alerts » Yahoo Messenger Malvertising Hijacks Your Browser Start Page to Vietnamese Portal

Yahoo Messenger Malvertising Hijacks Your Browser Start Page to Vietnamese Portal

A piece of malicious advertisement that leads to a Vietnamese website has been displayed for a couple of hours on all Yahoo Messenger windows in the world. It appears he Yahoo Messenger client has been instructed to display a banner linking to Vietnamese website laban.vn for four hours.

It is not yet clear whether the banner has reached YIM customers following a legit advertising campaign that was modified by the advertiser later, or if it is an abusive attack that exploits a bug in the Yahoo Ad services. One thing is certain: users who followed the neatly crafted banner (a novel apparition for most YIM users that simply had to be checked out) were directed to laban.vn, where they were prompted to install an exe file.

When run, the application looks for installed browsers, then hijacks the start page of each one to hxxp://laban.vn [handle with care]. This would be normal behavior for a browser add-on or toolbar, but there is more to the application than that: it adds itself to the Windows startup entries, so it can start at every system boot. When started, the application hijacks the browser start page over and over again.

If you have already installed the respective exe file, simply changing the browser’s start page won’t be enough. We offer a free removal tool that eliminates all traces of the laban.vn hijacker and restores the browser start page to about:blank.

The removal tool can be downloaded for free from the Bitdefender Labs Downloads Area. Update: this removal tool supports both 32- and 64-bit operating systems.

Some information in the article provided by virus researcher Octavian Minea. Removal tool courtesy of malware researcher Gabriel Ciubotaru.

About The Author

Senior E-Threat Analyst

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

Number of Entries : 334

Comments (5)

Leave a Comment

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top