Home » Latest Technology » Thousands of Yahoo visitors hit with malware

Thousands of Yahoo visitors hit with malware

         

Thousands of Yahoo visitors hit with malware

Two web safety corporations have mentioned that Yahoo’s promotion servers had been distributing malware to tons of of hundreds of customers during the last week.

The assault seems to were the work of malicious events who’ve hijacked Yahoo’s promoting community.

Fox IT, a safety agency primarily based within the Netherlands, described the issue in a blog post on Friday. "Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious," the firm reported. Instead of serving ordinary ads, Yahoo’s servers reportedly sent users an "exploit kit" that "exploits vulnerabilities in Java and installs a host of different malware."

300,000 users per hour

Fox IT says Yahoo users have been getting infected since at least December 30 2013. At the time it discovered the issue on Friday, the firm says, malicious payloads were being delivered to around 300,000 users per hour. The company guesses that around 9 percent of those, or 27,000 users per hour, were being infected. More recently, the firm says, the volume of infections has tapered off, perhaps due to efforts by Yahoo’s security team.

A researcher, also in the Netherlands, has confirmed seeing the malware. The fact that the malware targeted flaws in a Java programming environment is a further reminder that the software is not entirely secure.

As Java’s Web plugin has declined in popularity among legitimate Web developers, its security flaws have become a juicy target for hackers. Some browser vendors are moving toward blocking the technology outright. Security experts recommend that if your browser supports it, you should disable Java as a precaution.

A Yahoo spokeswoman said: "We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity."