Malware attacks thousands of Yahoo.com visitors through Java exploit

On Friday, Netherlands-based security firm Fox IT reported that Yahoo.com’s advertising network (ads.yahoo.com) was hacked and serving up malware to thousands of visitors during the last week. Fox IT believes Yahoo users were compromised as early as December 30, and the company estimates as of Friday that malicious materials were being delivered to roughly 300,000 visitors per hour—with nine percent (27,000) thought to be infected.

While infected, Yahoo’s ad servers were reportedly sending visitors an “exploit kit.” According to Fox IT, this would zero-in on vulnerabilities in Java to install various malware components on host computers. Fox IT has not yet identified a specific culprit, but the firm is confident the attack is financially motivated (with control of victim’s machines possibly being sold to others).

The Washington Post spoke to two security researchers who confirmed the situation. Researcher and WaPo contributor Ashkan Soltani said it’s possible the attack came from a direct hack, but the attackers may have also disguised the malware as regular ads that evaded Yahoo’s filtering system. Either way, The Post noted the situation is just the most recent case of Java exploits in a year that was filled with them.

Read 2 remaining paragraphs | Comments

via Ars Technica http://feeds.arstechnica.com/~r/arstechnica/index/~3/50p4TQyS1JU/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s