Yahoo’s Advertising Server hit by Hacker, Hundreds of Thousands of Users Infected with Malware
The whole point of an advertisement is to get people to click on it. When people click on ads, however, they usually do not expect to be hit with malware. Unfortunately, that is just what has happened to hundreds of thousands of Internet users who clicked on ads on Yahoo as of late. Two security firms have confirmed that Yahoo’s advertising servers have been hacked and hit with malware. The security firms said that it is appears that the advertising network was hacked by malicious parties who want to use this network for their own gains.
One security firm in the Netherlands, Fox IT, said that any Internet users who visit Yahoo.com receive advertisements by Ads.Yahoo.com. As it turns out, some of these ads contained malware. The company went on to explain that instead of serving ads to people, Yahoo’s servers have been sending out exploit kits that help malware find vulnerabilities in Java. By doing this, it is able to install malware on people’s computers.
It is believed that the network was hacked to put this malware into the Yahoo network. That being said, it is possible that the malware was uploaded simply by submitting an ad to Yahoo that had malware built in. If no one caught the malware, then Yahoo would have put it up on its network without the person having to break in. Yahoo does have a system for filtering out these kinds of submissions, but just like any system, it can miss certain things.
According to Fox IT, Yahoo users have been getting infected since December 30. When this was finally discovered on January 3, the firm said that around 300,000 people had loaded the malware. It is likely, however, that only around 27,000 or 9 percent of these people were actually infected. The number of people who have been infected has started to drop off.
It is not completely clear right now just what the group is trying to accomplish with this malware. However, Fox IT does believe that it is financially motivated. If this is the case, it is likely that they are trying to sell the control of victims’ computers to online criminals.
The main thing to remember is that the malware was looking for holes in Java, which has been an ongoing problem. In fact, legitimate Web developers have stopped using Java due to all of its security flaws. A lot of browsers are now moving towards blocking Java altogether. If you are still using a browser that supports Java, make sure that you disable it. Keep in mind, however, that Java and JavaScript are two completely separate things.
As said above, a lot of Web browsers already block this kind of thing. For example, Firefox 26 has now blocked all Java by default. There are some browsers that do not do this. It is always a good idea to check that Java is not on your computer. You can always visit the Java website and click on the link that says “Do I have Java.” You can then click on verify to see if Java is on your computer. If your computer is Java free, the website will say that it could not identify your current version of Java … which is a good thing.