In the past, Yahoo has often been criticized for its numerous security breaches. The company is in difficult waters yet again, with security experts reporting that malware is being used to target Yahoo.com visitors.
The problem was first highlighted by Fox-IT, a firm based in the Netherlands. The company stated in a blog post, ‘On January 3 we detected and investigated the infection of clients after they visited yahoo.com. Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious.’
These malicious advertisements, although displayed to Yahoo visitors, are hosted on non-Yahoo domains. It is possible that Yahoo’s ad network was compromised in a way that hackers are now leveraging to install malware on the machines of Yahoo.com visitors. Alternatively, as security researcher Ashkan Soltani speculates, it may just be that the malicious software was submitted as ads and went unnoticed by Yahoo’s ads-filtering system.
Interestingly, the authors of the malware decided to make use of Java vulnerabilities, which yet again highlights how Java has become a perpetual risk. A more detailed investigation into the matter reveals that the malware infection from Yahoo.com may have been going on since Dec 30.
Yahoo hasn’t stated whether it has resolved the problem yet, but the company reportedly says that it is ‘taking steps to fix’ it. Let’s hope the company does so before the malware successfully infects many users.
Courtesy: Business Insider