RapidSoft Systems Home
RapidSoft Systems Home


Yahoo Users Exposed to Malware Attacks

Some users visiting Yahoo.com are redirected to sites armed with code that exploits vulnerabilities in Java and installs a variety of different malware.
By Chris Ry

Tues, 01/06/2014

Yahoo.com visitors over the last few days may have been served with malware via the Yahoo ad network, according to Fox IT, a security firm in the Netherlands. Users visiting pages with the malicious ads were redirected to sites armed with code that exploits vulnerabilities in Java and installs a variety of different malware.

Correction:This story previously stated that the ads required a click to trigger the exploit. According to Maarten van Dantzig of Fox IT, the ad being displayed is enough to redirect users to the malware injection site. We are checking with Yahoo for further explanation.

In a blog post, Fox IT estimated that, based on sample traffic, the number of visits to the site carrying the malicious code was visited around 300,000 times per hour.

"Given a typical infection rate of 9% this would result in around 27,000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Britain, and France. At this time it's unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo," Scurity Experts from IT team said on its blog.

The security firm found evidence that the redirects go to domains hosted in the Netherlands, but was unable to identity the perpetrators. Traffic has slowed to the exploit, Fox IT noted, suggesting that Yahoo is addressing the vulnerability.

Yahoo confirmed the presence of malware on its servers and said it had taken steps to combat the issue.

"We recently identified an ad designed to spread malware to some of our users," Yahoo said Saturday in a statement. "We immediately removed it and will continue to monitor and block any ads being used for this activity."

Source Courtesy: network world.com

iPhone developer
Spacer