Visited Yahoo Over the Last Week? You May Be Infected With Malware

Your News Companion by Ben Mathis-Lilley
Jan. 5 2014 1:04 PM

Visited Yahoo Over the Last Week? You May Be Infected With Malware

180390238

Photo by KAREN BLEIER/AFP/Getty Images

Hundreds of thousands of users have been infected with malware over the last few days from Yahoo’s advertising servers, according to two Internet security firms. It seems attackers delivered malicious ads through Yahoo’s ad network since at least Dec. 30, although it may have started earlier.

Fox IT, a Netherlands-based security firm, first described the problem in a blog post noting that some of the ads served by ads.yahoo.com are malicious. A separate security researcher in the Netherlands, Mark Loman, confirmed the malware, reports the Washington Post. The ads reportedly send users an “exploit kit” that “exploits vulnerabilities in Java and installs a host of different malware,” notes Fox IT. The company estimates that the malicious ads were being delivered to some 300,000 users per hour and it calculates that 27,000 per hour were being infected. The countries most affected are Romania, Britain, and France.

“At this time it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo,” notes Fox IT. Although it isn’t known who is behind the malware, “the attackers are clearly financially motivated and seem to offer services to other actors.” Yahoo confirmed the infection and says it has taken steps to remove the threat, reports PC World. “We recently identified an ad designed to spread malware to some of our users,” a spokesman said in a statement. “We immediately removed it and will continue to monitor and block any ads being used for this activity.”

Advertisement

This attack is only the latest reminder of how dangerous Java has become on the Web. So why not take this opportunity to simply disable it in your browser? Slate’s Will Oremus wrote an easy-to-follow step-by-step guide last year on how to get it done.

Daniel Politi has been contributing to Slate since 2004 and wrote the "Today's Papers" column from 2006 to 2009. You can follow him on Twitter @dpoliti.

TODAY IN SLATE

Medical Examiner

Here’s Where We Stand With Ebola

Even experienced international disaster responders are shocked at how bad it’s gotten.

Why Are Lighter-Skinned Latinos and Asians More Likely to Vote Republican?

A Woman Who Escaped the Extreme Babymaking Christian Fundamentalism of Quiverfull

The XX Factor
Sept. 22 2014 12:29 PM A Woman Who Escaped the Extreme Babymaking Christian Fundamentalism of Quiverfull

Subprime Loans Are Back

And believe it or not, that’s a good thing.

It Is Very Stupid to Compare Hope Solo to Ray Rice

Building a Better Workplace

In Defense of HR

Startups and small businesses shouldn’t skip over a human resources department.

How Ted Cruz and Scott Brown Misunderstand What It Means to Be an American Citizen

Divestment Is Fine but Mostly Symbolic. There’s a Better Way for Universities to Fight Climate Change.

  News & Politics
Over There
Sept. 22 2014 1:29 PM “That’s Called Jim Crow” Philip Gourevitch on America’s hypocritical interventions in Africa.
  Business
Moneybox
Sept. 22 2014 5:38 PM Apple Won't Shut Down Beats Music After All (But Will Probably Rename It)
  Life
Dear Prudence
Sept. 22 2014 3:33 PM Killing With Kindness My in-laws want to throw me a get-well-from-cancer bash. There’s no way I can go.
  Double X
The XX Factor
Sept. 22 2014 7:43 PM Emma Watson Threatened With Nude Photo Leak for Speaking Out About Women's Equality
  Slate Plus
Slate Plus
Sept. 22 2014 1:52 PM Tell Us What You Think About Slate Plus Help us improve our new membership program.
  Arts
Brow Beat
Sept. 22 2014 9:17 PM Trent Reznor’s Gone Girl Soundtrack Sounds Like an Eerie, Innovative Success
  Technology
Future Tense
Sept. 22 2014 6:27 PM Should We All Be Learning How to Type in Virtual Reality?
  Health & Science
Science
Sept. 22 2014 12:15 PM The Changing Face of Climate Change Will the leaders of the People’s Climate March now lead the movement?
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.