Sunday, January 05, 2014

Yahoo! has apparently served infected ads in the past week

Yahoo! has apparently admitted that a party advertising on its site was apparently loading malware onto visitor computers, seemingly to get a list of compromised home or business computers to sell to organized crime. The list of potentially compromised IP addresses is substantial. 
The hack apparently started on Dec. 30.
The Switch Blog of the Washington Post reported on the incident late on Saturday, here.  It was not immediately apparent if users could be infected merely from the Yahoo! pages of if they had to click on the actual advertisements served by Yahoo!  
Apparently the problem is now resolved.  I have asked Webroot if its Secure Anywhere would identify the threats on a home computer now.  I don’t think I have visited Yahoo! during this period, although I frequently visit its finance page most of the time. 

Fox IT had blogged about the issue recently, here

The exploit appears to use Java and will not infect a machine in which Java is disabled.  It isn’t completely clear if it is limited to Windows.  

Update:  Jan. 6

Latest reports indicate that most of the affected users are in Europe. 

No comments: