The Yaha Worm

Tips & Hints

The Yaha worm is an old dog with no new tricks. But it does have an excellent sense of timing.

2 January, 2002

The Yaha worm has been kicking around in various forms since March 2002 without much effect. Basically it's a copy the Klez worm with a few details changed. Where this latest variation may cause trouble is the timing of its release.

Many businesses have been closed for two weeks over the Christmas/New-Year break. On Monday, when these businesses re-open, their anti-virus programs will be two weeks out of date. This is an opportunity for virus like Yaha to get into systems.

The most basic defence against this virus is not to open suspicious attachments. Of course, it is a good idea to have your systems up-to-date as well, we'd suggest making it a habit to update your anti-virus program before opening your e-mail. Corporate e-mail systems should be updating themselves automatically and some Internet providers scan e-mails coming into their systems.

Like the Klez and Bugbear viruses the Yaha worm does a lot of damage to anti-virus programs. Once you are infected, not only do you have the Yaha worm, but you are also at risk from any other viruses. To keep yourself safe, avoid opening suspicious attachments, keep your anti-virus up-to-date and make sure the latest security patches for your system are installed

More Information

Symantec Security Response description of the virus

Message Labs' virus tracking

The Registers' article about the worm

PC Rescue Pty Ltd
Suite 236, 4 Young Street Neutral Bay NSW 2089
ABN 082 635 765
ŠTechnology Publishing Australia, 2011