Malware Targets Users Visiting Yahoo.com, Security Firm Reveals

In the past, Yahoo has been criticized often for its numerous security breaches. The company is yet again in difficult waters, with security experts citing that a malware is being used to target any Yahoo.com visitors.


Yahoo

The problem was first highlighted by Fox-IT, a firm based in Netherlands. The company stated in a blog post that, ‘On January 3 we detected and investigated the infection of clients after they visited yahoo.com. Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious.’

These malicious advertisements, somehow displayed to Yahoo visitors, are hosted on non-Yahoo domains. There’s the possibility that Yahoo’s ad network was somehow compromised in a way that hackers are now trying to leverage it to install malware on the machines of Yahoo.com visitors. Alternatively, as a security researcher Ashkan Soltani speculates, it may just be that the malicious software was submitted as ads and went unnoticed by Yahoo’s ads-filtering system.

Interestingly, the authors of the malware decided to make use of Java vulnerabilities which yet again highlights how Java has become a perpetual risk. A more detailed investigation into the matter reveals that the malware infection from Yahoo.com may have been going on ever since Dec 30.

Yahoo hasn’t exactly stated whether or not it has resolved the problem yet. But the company reportedly says that it is ‘taking steps to fix’ the whole thing. Let’s hope the company does so before the malware successfully infects many users.

Source: Fox-IT

Courtesy: Business Insider

[ttjad keyword=”mac”]

Salman

Salman Latif is a software engineer with a specific interest in social media, big data and real-world solutions using the two.Other than that, he is a bit of a gypsy. He also writes in his own blog. You can find him on Google+ and Twitter .

Leave a Reply