Yahoo update: Malware attacks more widespread than at first thought

Yahoo update: Malware attacks more widespread than at first thought

Summary: [UPDATED] Initial reports that only European sites were affected were incorrect; a small number of users outside were also served Bitcoin mining malware from Yahoo ads.

SHARE:
TOPICS: Security
5

A week ago reports emerged that Yahoo's ad network was serving malware. Those initial reports said that only European sites were affected between December 31 and January 3. After further investigation, Yahoo now says the period of attack was from December 27, 2013 - January 3, 2014, and that a small number of users outside of Europe may have been affected.

Yahoo adds that the vector for the attack was a compromised account. They have shut down that account and are working with law enforcement to investigate the breach.

The attack was used to spread Bitcoin mining malware. The malware, discovered by security company Light Cyber, is built for a variety of payloads.

[UPDATE: SurfRight, via their HitmanPro blog, says that the Bitcoin mining angle is overblown and that the attack in fact delivered a wide variet of malware.]

Yahoo advises that users run Windows Update to apply the latest fixes to Windows, update Java to the current version, download the latest version of Adobe products and run an updated antivirus program.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • Antivirus

    "Yahoo advises that users [...] run an updated antivirus program."

    Why doesn't Yahoo simply check their ads for viruses? I know that won't happen so I run AdBlock just to avoid malware.
    Sacr
  • Okay

    And how about telling us which operating systems this was used on...
    slickjim
    • Why would that be an issue?

      "And how about telling us which operating systems this was used on..."

      Why would that matter? We all know it's the most popular desktop OS out there, Windows.
      Why target 10% of the systems vs. 90% of the systems if you're looking to mine on a grand scale?

      You go after the 90%. Getting the 10% would take close to 10 time longer to get your bitcoins...
      William.Farrel
      • "We all know it's the most popular desktop OS out there, Windows."

        Most ubiquitous, yes. Most popular? Well,……if you consider that the great majority of Windows users are using it because it was decreed by their employer and not because they chose it, "most popular" may not be entirely accurate.
        Userama
  • Bitcoin mining malware.

    just want you want to hear, now you get to mine bitcoins for criminals, for use by criminals !!

    Gotta love those BTC's !!!!
    Aussie_Troll