Educause Security Discussion
mailing list archives
Re: "Yay" Malware
From: RL Vaughn <Randy_Vaughn () BAYLOR EDU>
Date: Fri, 12 Jan 2007 17:41:55 -0600
TCP SYN packets to 220.127.116.11:80
David Taylor wrote:
Does anyone know what kind of 'outgoing traffic' this is?
From: Tim Lane [mailto:tlane () SCU EDU AU]
Sent: Thursday, January 11, 2007 8:26 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] "Yay" Malware
has anyone seen (for want of a better term) the Yay Malware. We are seeing
a small window with the word "yay" in it appear on the desktop with a lot of
outgoing traffic. A search on Google cites quite a few people seeing this
in the last 24 hours but no resolution.
We have tried to remove it with:
Seems like it may be very new and the AV vendors have not caught on yet....
If anyone has seen it and mitigated it I would be interested to hear.
Information Security Program Manager
Information Technology and Telecommunication Services
Southern Cross University
PO Box 157 Lismore NSW 2480
(02 6620 3290 7 02 6620 3033 - tlane () scu edu au
8 <http://www.scu.edu.au> http://www.scu.edu.au