Visitors of Yahoo Served with Malicious Ads - says Fox IT

Fox IT, an Internet security company headquartered in the Netherland, says that a new study reveals the possibility of thousands of visitors to Yahoo website being exposed to malware advertisements. The activity first came to light on 3rd January, 2014 involving several ads hosted by ads.yahoo.com.

Not all the ads distributed by ads.yahoo.com are spiteful but many malware ads were noted redirecting Internauts to a "Magnitude" Exploit Kit that implanted many malware files.

This exploit kit, as accords to Fox-IT abuses flaws in Java and implants a host of different malwares that include Zeus, Dorkbot/Ngrbot, Andromeda, Tinba/Zusy, Advertisement clicking malware, and Necurs.

The security firm noted that the Internaut witnesses an iframe advertisement. And the notorious ad redirects the visitor to one of several domains and the malware is then distributed from one IP (Internet Protocol) address.

Fox-IT says that the initial infection occurred on 30th December, 2013 though the Yahoo malware ads may have began prior to that particular date.

It (Fox-IT) also anticipated that on Friday, 3rd January, 2014, the malware was delivered to roughly 300,000 Internauts at a rate of about 27,000 infections/hour and the nations with most impacted Internauts were Romania, Britain and France.

Ndtv.com published news on 6th January 2014 quoting Fox-IT as that it's unclear which particular group is behind this attack and the crooks are unmistakably financially motivated.

Meanwhile, Surfright, yet another security firm located in the Netherlands highlighted its take on the Yahoo.com ad attack and the impending consequences. As accords to, Surfright estimates more than 2,000,000 machines have been tainted as a result of the attack.

A Surfright Expert blogged that not every advertisement on the Yahoo ad network contained nasty iframe but if you have an outdated version of Java Runtime and if you have used Yahoo Mail in the past 6 days then your PC is probably infected with malware. Furthermore, we also obtained news that the malware was spreading through ads in Yahoo messenger. Thus, it's good to scan your PC for malware if you have used Yahoo's services lately, he advised, as published by cnet.com on January 5, 2014.

» SPAMfighter News - 1/10/2014