W32/Yaha-E worm spreading in the wild

Sophos Press Release

Sophos has received an increasing number of reports in the past few days of the W32/Yaha-E worm infecting user's computers.

Many of the reports have come from the Netherlands and Switzerland, although there have been submissions to Sophos's support department originating from other countries.

The worm arrives as an email attachment and can use a wide assortment of subject lines and filenames. Many of the subject lines use wording related to friendship or love.

Sophos has had protection available to protect against W32/Yaha-E since June 20, and reminds users that if they have kept their anti-virus protection fully updated they should have nothing to fear.

Sophos also advises companies to adopt a "safe computing" policy which can include such elements as blocking potentially dangerous file types from entering your organisation at the email gateway.


More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.