UPDATED 02:37 EST / JANUARY 06 2014

Yahoo ads dumped malware on visitor's PCs NEWS

Yahoo ads dumped malware on visitor’s PCs

Yahoo ads dumped malware on visitor's PCsFollowing all the bad publicity over its Yahoo Mail service last year, with user’s accounts being constantly hijacked and a disastrous, weeks-long outage in December, Yahoo was probably hoping for some better press going into 2014. Sadly though, the opposite has happened, with reports over the weekend warning that the company’s home page has been serving up malware-infected ads that have likely infected “thousands” of PCs.

The warning came via security firm Fox IT, which said that over a five day period from December 30 until January 3, dozens of Yahoo.com visitors were served up with malicious ads. The ads redirected visitors to a number of domains all pointing to the same IP address in the Netherlands, where malware was then installed on their machines.

Fox IT said that the cybercriminals responsible used something known as the Magnitude exploit kit, which exploits vulnerabilities in Java and installs well known malware like Andromeda, Dorkbot/Ngrbot and ZueS onto unsuspecting PCs. All in all, Fox IT estimates some 300,000 visitors an hour visited the compromised sites by way of Yahoo’s malicious ads:

“Given a typical infection rate of 9% this would result in around 27,000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Britain, and France. At this time it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo,” said Fox IT on its blog.

The good news is that Yahoo now claims to have the situation under control, issuing the following statement to the Washington Post:

“At Yahoo, we take the safety and privacy of our users seriously. On Friday, January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware. We promptly removed these advertisements.”

US readers will be pleased to know that they’re in the clear:

“Users in North America, Asia Pacific and Latin America were not served these advertisements and were not affected. Additionally, users using Macs and mobile devices were not affected.”

Yahoo probably deserves some credit this time, for at least it moved quickly and appears to have nipped the problem in the bud. Nevertheless, a company like Yahoo should never of allowed its users to be hit with malware in the first place – as one of the most respected internet brands around, people trust it not to let these things happen, yet once again it’s let its users down. What with the glitchy launch of Yahoo Mail and all the reports of people’s accounts being hacked over the last year, don’t be surprised if this compels more users to ditch their services in favor of alternatives.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU