Two security firms first brought the situation to light, including Fox IT, who wrote: "Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious." The regular ads were replaced with an "exploit kit" that "exploits vulnerabilities in Java and installs a host of different malware."
The malware campaign appears to have started on December 30th and lasted a few days. Yahoo says, "At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity."
While the malicious ads were active, "malicious payloads were being delivered to around 300,000 users per hour," said Fox IT, who estimates 27,000 users per hour were clicking on them and becoming infected.
Written by: Andre Yoskowitz @ 5 Jan 2014 17:58