‘Star Wars’ Flavor Trojan Targets IM

The Dark Side never seems a galaxy far away when it comes to exploiting
popular culture on the Internet. And it appears that hackers are exploiting
interest in the new “Star Wars” film to harvest Yahoo login credentials.

Security firm IMlogic’s threat center issued a warning today about a new
Trojan named PHISH.Yahoo.STAR that attacks Yahoo IM users.

“The Trojan URL references StarGames apparently trying to take advantage
of the popularity of the newly released Star Wars movie,” the company warned
on its Web site.

The vulnerability is initiated when a user clicks on a malicious URL that
is sent to them from a user on their buddy list. Once the user clicks on the
link he is asked to enter his Yahoo credentials, the Trojan then resends the
messages to all the buddies on the user’s Yahoo client.

The company has asked users to ensure that their desktop systems have
been updated with the latest security patches.

The security company has assigned a medium security threat warning to the
Trojan.

News Around the Web