Yahoo! Distributing Malware
Home » Industry News, Specials

Yahoo! Distributing Malware

Yahoo Happy Malware

Two separate Internet security firms have reported that over the past several days, Yahoo’s advertising servers have been distributing malware to visitors to Yahoo! properties, and other sites that have the Yahoo! ads being displayed. It is believed that the malware was put onto the advertising servers by malicious parties who found a way to hijack the ad network.

A blog post written by Fox IT, a respected security firm in the Netherlands, said, “Clients visiting received advertisements served by Some of the advertisements are malicious.” It went on to say that the Yahoo servers send the users an exploit kit which, “exploits vulnerabilities in Java and installs a host of different malware.”
At this point it is not clear whether Yahoo’s advertising servers were hacked, or if an advertisement was written with the malware, and then submitted via the normal channels, and happened to make it past Yahoo’s screening process.

According to the reports, visitors to Yahoo properties have been getting infected with this malware since at least December 30th. When it was discovered, Fox IT says it was delivering the exploit kit to around 300,000 users per hour. Due to anti-malware software and other factors, only about 9% of those 300,000 actually got infected by the malware. This is still 27,000 users per hour, which is a significant rate of infection.
The other security firm that confirmed the malware was Surfright, also based in the Netherlands. Surfright is a maker of anti-virus software.

A Yahoo spokeswoman said in an email to the Washington Post, “At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.” Yahoo also confirmed that this attack did not affect users in North America, or anyone who used mobile devices or MAC computers.

The investigation is still undoubtedly ongoing by Yahoo’s security team. Anyone who visits any Yahoo properties should run the anti-malware software of their choice to confirm they have not been infected.

Written by Michael Levanduski

Michael Levanduski is the assistant editor of Performance Marketing Insider, and an experienced freelance writer. He writes content for a wide range of sites in virtually every niche, though he specializes in technical writing as well as creating content for the performance and internet marketing industry. Michael was born in Grand Rapids, MI where he still lives with his wife and three children.

There are two comments. Join the discussion.

Share/Bookmark this!


Leave a reply

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

CommentLuv badge

Recent Posts

Subscribe to PerformInsider

Get a FREE COPY of the Affiliate Marketing Insiders Handbook NOW! You'll also receive the free Performance Marketing Insider Newsletter and recieve weekly updates on what is going on in the affiliate and performance marketing industry. You'll learn it first at Performance Marketing Insider.

Your Email
Your Name

Advertise Here