Norman Safeground Blogs

insight, opinion & information

 
 

Visited Yahoo recently? You may have malware!

yahooWeb giant Yahoo! (most famous for its search engine at www.yahoo.com) experienced a notable security breach earlier this year when its advertising network (ads.yahoo.com) was hacked.

The resulting chaos meant that roughly 300,000 visitors per hour were exposed to malicious content, with around 9% of those (27,000) thought to have been fallen victim to the exploit.

The breach was targeted at a European audience, so users from outside the region should be safe from the fall-out. For all of us inside the EU, however, it’s a good idea to run a malware scan. Especially if you’re from Romania, the UK and France who, incurring 24%, 23% and 20% of the infections respectively, were the biggest victims

It’s important to note that even if you haven’t visited a Yahoo! website, you’ll still need to run a malware scan after this outbreak. This is because the hacked site – ads.yahoo.com – powers the company’s advertising network, which places adverts on thousands – if not millions – of webpages.

Pretty much all of the advertisements you see on websites are hosted by third-party sites (most notably Google or Yahoo), so it’s very difficult to know who is providing the advert you’re looking at.

However, even if you’ve never visited Yahoo.com, it’s extremely likely that you’ve seen an advert from ads.yahoo.com.

What happened?

The exploit used a special code inside an advertisement hosted on ads.yahoo.com to redirect anyone who clicked on it to a dangerous website. That site hosted the “Magnitude” exploit kit, which searched the user’s computer for Java software. If Java was found, the exploit kit would use security holes in it to install malware.

It seems that the criminals behind the attack were in it for the money, as their exploit installed many well-known moneymaking malware. These included “Zeus”, which tries to steal your banking information, and Dorkbot, which automatically generates clicks on advertisements from your computer, conning ad agents out of cash.

What can you do?

Unfortunately, there’s no way to know whether you’ve been infected by malware unless you run a virus scan. Windows comes with one of these built-in, but it’s widely recommend you purchase a detected anti-virus solution – like Norman – to take care of your computer.

Clean your computer now with our free tool: Malware Cleaner

Scan your computer with your Norman Antivirus: click here to lean how

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

 
 
Norman

The Author:

For Consumption Bloggers

Norman Safeground Blogs Archive