First, from F-secure (A/V stuff):
interesting tidbit here:
The Yamanner worm does not send itself as an attachment, it resides inside the e-mail body. The worm activates automatically by just opening an infected e-mail message with Internet Explorer. It uses a 0-day vulnerability in Yahoo! webmail system.
Now for MORE interesting stuff:
says, that "Yahoo! 'virus writer' claims he just wants a job"
While a number of antivirus experts who have seen the email claim it is quite likely the sender is indeed the culprit, there is no sure-fire way of confirming this. However, one added that whether or not the man in question wrote the Yamanner worm it is certainly "an unusual way to try to land a job".
The email, sent from a webmail address, stated: "I don't like to disturb no one. I am from Iran. I just looking for good job in good computer company and I wrote this worm only to prove that I have some abilities in web programming."
Mikko Hypponen, chief research officer at F-Secure, told silicon.com: "I think he might be the real deal," though he conceded it is almost impossible to be sure.
Carole Theriault, senior security consultant at Sophos, told silicon.com that the technical knowledge displayed in the email certainly suggests the man was very familiar with the virus: "It is possible that he authored this threat, however it is a script virus, so if he received it, it would be easy for him to see the source.
So. There's NOTHING new under the sun..