About 2.5 million users were attacked by ad malware while visiting Yahoo.com website. According to the news flashed by Fox IT, attackers hijacked some Yahoo! advertisements and breached users with malicious software when they viewed those advertisements, within a span of December 30, 2013 to January 2, 2014. Those ad viewers’ computers are likely to be infected with the malware as they were being redirected to websites which were designed to install malicious software on their computers. Even if users didn’t click those advertisements, still they were redirected to the malicious advertisement websites while visiting the website.
Who were attacked? Are you one of them?
According to an estimation taken by Fox IT, 27,000 Yahoo! clients were hit by the ad-based malware attack, in every hour, for over the period of December 30 to January 2, 2014. As per FOX IT, count of visits to the malware-infected website was recorded approximately as 300 thousands in every hour and infection rate was about 9%. Fox IT also reported that Americans were not probably hit by this huge malware attack; rather users from European countries including Romania, France and Great Britain were targeted instead.
But, Yahoo!’s response to the millions of victims of the malware attack was unusually blasé. Though the search giant acknowledged the security breach, but did not give detailed explanation of the attack. Yahoo! said,
“At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.”
The company also continued that –
“On Friday, January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware. We promptly removed these advertisements. Users in North America, Asia Pacific and Latin America were not served these advertisements and were not affected. Additionally, users using Macs and mobile devices were not affected.”
What caused the malware attack on Yahoo!?
According to SurfRight, the malware attack is defined as an example of click fraud malware which gave backdoor access to attackers, gained remote access of the victims’ personal computers and stole sign-in credentials of many sites and also blocked many sites and online services for users.