The malware affected Yahoo ads in the website’s sports, news and finance sites.
Advertisement
Malwarebytes stressed that the threat has been nullified due to Yahoo’s quick efforts in fixing the vulnerability. Once this happens, malware would be downloaded to the user’s computer. In the past week, however, Yahoo visitors have been victimised by a wide “malvertising” campaign.
Some Yahoo (NASDAQ:YHOO) ads are spreading malware to people who visit the links associated with these ads. “There are number to pick from, and using this combination offers the best chance of preventing an ad network redirect to an exploit kit”. Segura called it a “godsend” to cyber-attackers, according to The New York Times.
According to a report from Jérôme Segura, senior security researcher at Malwarebytes, Yahoo’s websites have “an estimated 6.9 billion visits per month, making this one of the largest malvertising attacks we have seen recently”. In some cases the sites are infected with a ransomware, which encrypts the user files on the victim’s computer and asked them to pay a fee in for the decryption keys. For users, it can significantly slow down their machines and waste power.
The campaign is believed to have kicked off July 28, and once discovered, Malwarebytes informed Yahoo of the issue.
The statement also says the company will continue to “ensure quality and safety of our ads through our automated testing and through the SafeFrame working group, which seeks to protect consumers and publishers from the potential security risks inherent in the online ad ecosystem”.
Malwarebyte’s Boyd told Business Insider that numerous Azure websites caught up in this attack are likely to have been phished accounts, as opposed to ones set up for the explicit goal of scamming users. At the time of publication a request for comment from Yahoo by IBTimes UK was not returned.
It is unclear how many people have been infected by the malware, with Malwarebytes saying that only the gang behind the attack would be aware of these figures.
The so-called “malvertising” affected computer users with older versions of Adobe’s oft-targeted Flash player on Windows.
Advertisement
“While there is no way to know for sure who may have been exposed to the rogue adverts, the sheer numbers thrown at the Yahoo pages could potentially mean high rates of infection”. The number of malvertising attacks spiked in the first half of this year, registering a 260 percent increase over the same period in 2014, Digital enterprise security company RiskIQ said today at the Black Hat USA security conference.
