Yahoo Users Infected By Malicious Ads For Four Days

The latest headlines making malware attack concerns Yahoo users. A security firm based in the Netherlands, Fox IT, reported over the weekend that Yahoo’s advertising servers were compromised. Faith Karimi and Joe Sutton of CNN report that malicious ads were shown to a number of users.

Users who visited Yahoo’s website between December 31st and January 3rd are at risk of a malware infection. Yahoo has publicly stated that users in North America, Latin America and Asia were not affected and most infections are limited to the UK, France and Romania.

Those users who were affected were served malicious ads directly from Yahoo thanks to an exploit kit that installed malware on Yahoo’s servers. Researchers warn that users didn’t even need to click on ads to risk an infection. At an estimated 9-percent successful malware infection rate, about 27-thousand users would be infected every hour these ads were allowed to run. Yahoo was not able to remove the malicious ads until they had been displaying for nearly 4-days.

Only PC users were at risk, however. The malware could not infect Mac users or those using mobile devices.

If infected the malware is capable of a number of actions. Click fraud, which consists of malware opening web browsers and clicking on ads to generate revenue, is one of the least severe threats. The malware can also remotely control a computer, disable security software and steal log-in information and passwords.

Even though this particular threat did not seem to infect any computers in the US, it should serve as a warning to all internet users. Yahoo is generally a trusted website, but was compromised by criminals and began infecting users with malware. This can happen to any site you typically visit. In order to stay safe, you need an up to date, trusted antivirus program in place.

If your computer has been infected by malware or you’d like to improve security on your devices, call Geek Rescue at 918-369-4335.