The bombshell report dropped last week and even though it is unclear why Yahoo was served with the confidential order, it has been reported that the government was "looking for a specific digital signature of a communications method used by a state-sponsored, foreign terrorist organization."
Sources claim that the malware was flagged by Yahoo's internal security during a routine checkup. "They assumed it was a rootkit installed by hackers," said the anonymous ex-employee source. "If it was just a slight modification to the spam and child pornography filters, the security team wouldn't have noticed and freaked out. It definitely contained something that did not look like anything Yahoo mail would have installed. This backdoor was installed in a way that endangered all of Yahoo users."
A high-severity security alert was issued within Yahoo's internal tracking system and it got to CIO Alex Stamos who at that point was told that it was installed on purpose. The alert was then "covered up" and "closed...fast enough that most of the [security] team didn't find out."
Stamos now works for Facebook, and there has been whispers that this cover-up led to his resignation.
Source:
Motherboard
Written by: Andre Yoskowitz @ 9 Oct 2016 16:52