1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Yahoo! Distributing Malware

Discussion in 'BlackHat Lounge' started by Asif WILSON Khan, Jan 7, 2014.

  1. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Premium Member

    Joined:
    Nov 10, 2012
    Messages:
    10,112
    Likes Received:
    28,543
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    Two separate Internet security firms have reported that over the past several days, Yahoo?s advertising servers have been distributing malware to visitors to Yahoo! properties, and other sites that have the Yahoo! ads being displayed. It is believed that the malware was put onto the advertising servers by malicious parties who found a way to hijack the ad network.
    A blog post written by Fox IT, a respected security firm in the Netherlands, said, ?Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious.? It went on to say that the Yahoo servers send the users an exploit kit which, ?exploits vulnerabilities in Java and installs a host of different malware.?
    At this point it is not clear whether Yahoo?s advertising servers were hacked, or if an advertisement was written with the malware, and then submitted via the normal channels, and happened to make it past Yahoo?s screening process.
    According to the reports, visitors to Yahoo properties have been getting infected with this malware since at least December 30th. When it was discovered, Fox IT says it was delivering the exploit kit to around 300,000 users per hour. Due to anti-malware software and other factors, only about 9% of those 300,000 actually got infected by the malware. This is still 27,000 users per hour, which is a significant rate of infection.
    The other security firm that confirmed the malware was Surfright, also based in the Netherlands. Surfright is a maker of anti-virus software.
    A Yahoo spokeswoman said in an email to the Washington Post, ?At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.? Yahoo also confirmed that this attack did not affect users in North America, or anyone who used mobile devices or MAC computers.
    The investigation is still undoubtedly ongoing by Yahoo?s security team. Anyone who visits any Yahoo properties should run the anti-malware software of their choice to confirm they have not been infected.

    http://performinsider.com/2014/01/yahoo-distributing-malware/
     
    • Thanks Thanks x 1
  2. royserpa

    royserpa Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 28, 2011
    Messages:
    4,641
    Likes Received:
    3,491
    Gender:
    Male
    Occupation:
    Negative Options aka Rebills!
    Location:
    Royserpa
    Home Page:
    Well if you cant win on the SEs game, their next strategy might be an antivirus.
    First they infect many people and then they will launch their antivirus.

    PS: I didnt read post xD
     
  3. ReidBurnham

    ReidBurnham Newbie

    Joined:
    Jan 6, 2014
    Messages:
    20
    Likes Received:
    5
    It was put voluntarily by Yahoo at the request of the National Security Administration.