If you’ve paid a visit to the Yahoo portal in the last few days then you might want to run a fresh security scan of your system: Dutch firm Fox IT has reported seeing malware infections on machines that have recently visited the Yahoo.com domain. It’s believed that malicious code unwittingly served up by Yahoo’s ad network has been bombarding users with a variety of security threats.
The main threat appears to exploit a vulnerability in the Java programming language to circumvent the defences on a user’s machine, and according to Fox IT the infected sites typically attract around 300,000 hits an hour. Simply viewing the malicious advert is enough to be affected — you don’t have to click anywhere to become a victim of the scam.
“Given a typical infection rate of 9% this would result in around 27,000 infections every hour,” wrote Fox IT on its blog. “Based on the same sample, the countries most affected by the exploit kit are Romania, Britain, and France. At this time it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo.”
The perpetrators of the attack have not yet been identified, but Yahoo has now dealt with the issue. “We recently identified an ad designed to spread malware to some of our users,” said Yahoo in a statement. “We immediately removed it and will continue to monitor and block any ads being used for this activity.”
Even though the panic is over, it’s still worth running a full scan of your desktop or laptop if you’re a regular Yahoo visitor. As always, keep your Web browser and security tools updated to minimize the risk of picking up a malware infection while you’re out and about online.
- Cryptojacking is the new ransomware. Is that a good thing?
- Oath revamps Yahoo, AOL privacy policies to allow email and photo scans
- Electronic locks in over 40,000 hotels worldwide compromised, says security firm
- From pranks to nuclear sabotage, this is the history of malware
- AMD is working on fixes for the reported Ryzenfall, MasterKey vulnerabilities