Yahoo's advertising servers serving malware?

http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/04/thousands-of-visitors-to-yahoo-com-hit-with-malware-attack-researchers-say/

Two Internet security firms have reported that Yahoo's advertising servers have been distributing malware to hundreds of thousands of users over the last few days. The attack appears to be the work of malicious parties who have hijacked Yahoo's advertising network for their own ends.

Fox IT, a security firm based in the Netherlands, wrote a blog post on Friday describing the problem. “Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious,” the firm reported. Instead of serving ordinary ads, Yahoo’s servers reportedly send users an “exploit kit” that “exploits vulnerabilities in Java and installs a host of different malware.”

[…]

Good thing there are extensions like PrivDog and AdBlock then. :wink: Oh and running your browser in a sandbox is a good idea too. :slight_smile:

Seriously though, it seems like ad networks are a hot target, infecting one system that easily spreads it to thousands of other systems… 88) Think of all the bitcoins ;D (joking of course) Now imagine the malware being spread was Cryptolocker… :-\

I have disabled Java. Any way to figure out if I am infested with it?
Does any antivirus have it in its db yet?

I don’t get that. :slight_smile:

Sometimes I forget to type things :-\ … Meant to say “Oh and running your browser in a sandbox is a good idea too.”

Just wish it wouldn’t impose a 30 fps limit on the browser. :cry:

Or to have a sandbox in the browser. :slight_smile: And to not have Java installed, of course. :wink:

But if you have the browser sandboxed then you should be able to have Java installed since if any exploit uses Java, Java would be sandboxed and so would the malware. :stuck_out_tongue: But yeah I don’t have Java installed.

That's why there is www.privdog.com

It protects you from these kinds of malvertising attacks.

Melih

Yup, got it covered in the OP. :wink:

The advertising industry must change its behaviour…

It's too $$$ oriented and not so much user.

We will force their hands to change it with Privdog!

Anyone using www.privdog.com is safe from this and many attacks like this.

Time to protect yourself from Ads!

Thanks for the info/link.

“Yahoo users have been getting infected since at least Dec. 30. At the time it discovered the issue on Friday, the firm says, malicious payloads were being delivered to around 300,000 users per hour. The company guesses that around 9 percent of those, or 27,000 users per hour, were being infected. More recently, the firm says, the volume of infections has tapered off, perhaps due to efforts by Yahoo’s security team.” (http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/04/thousands-of-visitors-to-yahoo-com-hit-with-malware-attack-researchers-say/)

We expect better Yahoo… :-TD

It seems like a good idea for Comodo to end their partnership with Yahoo.

Why would you say this? From what I’ve seen many companies are falling prey to these criminals. Let us not forget that Yahoo is also a victim here. These criminals are very good at what they do, and I don’t think we should underestimate that.

I would say that we should not trust their ads, but Comodo has essentially already said that by including PrivDog as opt-out with their installers. Thus, although I hope Yahoo sees this as a wake-up call and better protects their servers, I see no reason for the partnership to end.

I misread some info. For some reason I didn't see they were hijacked. My mistake.

I must be really tired or something :-[ :slight_smile:

Or human, wasgij6. :wink:

Human? Are moderators allowed to be human? :stuck_out_tongue:

In all seriousness, no problem. I didn’t mean any offense. We all misread articles sometimes, myself included, and I am still bothered that something like this could happen. Even though it wasn’t intentional, companies really need to wake up to how their internal networks are protected. Most still rely largely on detection-based protection, and we all know how effective that is against a concerted attack. :-\

Not Comodo ones… No ;D :-X