January 6th 2014
Thousands of Yahoo! users have been affected by malware distributed by its advertising server.
Netherlands-based internet security specialist Fox-IT estimates that 27,000 PCs have been infected by ads.yahoo.com every hour, with the UK, France and Romania most affected. A Fox-IT blog post said: "At this time it's unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo!"
If an infected computer is connected to a network, the attackers can often access other connected systems and servers.
Yahoo is monitoring and blocking the malware-infected advertisements. In a statement yesterday, it said: "At Yahoo, we take the safety and privacy of our users seriously. On Friday … on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware. We promptly removed these advertisements." It added that Macs and mobile devices were not affected.
It is not clear who is behind the attack, but it appears to be financially motivated.
Fox-IT has said that the infection began as long ago as December 30th, or possibly even earlier.
