ALERT! Yahoo! Hit with Malware ALERT!

Published On August 11, 2015 | By Tom Huskerson | News and Analysis

In a stunning announcement, Yahoo! reported it has shut down a massive malware campaign infecting billions of visitors to its websites. Some experts believe the website infected with the malware was visited as many as 300,000 times an hour.

Malwarebytes discovered the scheme, which ran from July 28th through August 3rd and used Yahoo!’s ad network to infect users’ computers with malware used for advertising.

Malvertising is a scheme where hackers trick automated advertising networks into delivering malware. The trick is becoming more and more common. This malware does not require the user to do anything to become infected. Simply browsing a website is enough to get infected. This is sometimes called a drive-by download.

Yahoo! and other big-name search engines are prime targets of malvertisers because of the hundreds of millions of ads they deliver daily through their advertising platforms.

Jerome Segura, Senior Security Researcher at Malwarebytes, said, “Malvertising is the silent killer because it does not require any type of user interaction in order to execute their payload.” Segura also warned that the victims of the attack could have been infected with ransomware.

For nearly a week, Yahoo! sites were delivering malicious ads through its ads.yahoo.com domain. Yahoo! users were redirected to several different domains that exposed them to an exploit known as ‘Angler.’ According to Segura, some of the sites that users were redirected to were hosted by Microsoft’s Azure, a cloud computing platform.

Security experts also revealed that another exploit named ‘RIG’ was infecting computers at the rate of 27,000 a day. Both exploits are related to the numerous flaws recently revealed in the Adobe Flash Player software. The software is found on millions of computers to run video and games on websites.

This is not the first time that attackers have used Yahoo!’s advertising network to infect users. Last year the network was used to distribute a range of malware, including a Bitcoin miner.

Malwarebytes claimed they notified Yahoo! of the situation, and the company took immediate action. The exploit is no longer active. Yahoo issued the following statement:

“Unfortunately, disruptive ad behavior affects the entire tech industry. Yahoo has a long history of engagement on this issue and is committed to working with our peers to create a secure advertising experience. We’ll continue to ensure the quality and safety of our ads through our automated testing and through the SafeFrame working group, which seeks to protect consumers and publishers from the potential security risks inherent in the online ad ecosystem.”

Malvertising attacks have been steadily increasing because they are so difficult to stop. According to RiskIQ, attacks increased at a rate of 260 percent in the first half of this year.

James Pleger, Director of Research for RiskIQ, stated, “The major increase we have seen in the number of malvertisements over the past 48 months confirms that digital ads have become the preferred method for distributing malware.”

Related information:

Yahoo Malware Removal

Microsoft Safety & Security Center Malicious Software Removal Tool

Breaking It Down

If you have good anti-virus/anti-malware software on your computer you may be safe, but just maybe. You may want to visit Yahoo’s safety website that describes how to remove this malware if you have it. But again, this may or may not work. I am not sure how long it has been since this website was updated. Update your anti-virus software and all your software just to be sure.

A drive-by download is extremely dangerous. All you have to do is visit the website and you got the virus or malware. It’s nice to have an anti-virus that blocks you from even going to that website. If yours doesn’t do that then switch. NOW!

Google recently updated its search engine to warn users of suspicious websites before you get to them.

This is about as serious as it gets. Yahoo! is a huge company with billions of websites listed in their search results and I’d guess trillions of ads delivered annually. Imagine if a bad actor had figured out a way to distribute ransomware through the search engine. It could have been the greatest calamity in Internet history. Don’t laugh. It could still happen.

All I can say at this point is to make sure you update your anti-virus frequently. Better yet, set it to update automatically. But even that may not be enough. Take the time to search RIG exploit removal tool and Angler exploit removal kit. Take my advice.

 

 
