Yahoo! Inc. (NASDAQ:YHOO) admitted Sunday that its European websites spread malicious software last week, infecting thousands of users in the region. A Yahoo! Inc. (NASDAQ:YHOO) spokesman said in a statement that the company observed on January 3 that ads served on some of its European websites didn’t comply with its editorial guidelines. The digital media company said it immediately removed malicious ads. Yahoo! Inc. (NASDAQ:YHOO) said that Mac and smartphone users were not affected.
Still unclear which group attacked Yahoo’s ad network
Netherlands-based Internet security firm Fox IT reported Friday that Yahoo! Inc. (NASDAQ:YHOO)’s advertising servers had been distributing malicious software since at least December 30. Some malicious parties might have hijacked the company’s advertising network to serve their ill-intent. Fox IT said that users in Europe were served advertisements by ads.yahoo.com. Rather than displaying ordinary ads, the servers would send users an “exploitation kit.” It installs a number of malware on the users’ device by exploiting loopholes in Java.
Malware is a program that disrupts a PC’s operations, collects sensitive information and gains access to private data. Yahoo! Inc. (NASDAQ:YHOO) has been targeted in the past. Last year, the company’s site was hacked and more than 400,000 passwords were leaked.
Yahoo’s security efforts reduce the volume of infections
Fox IT said the malicious ads were being delivered to more than 300,000 users per hour. And 9% of them, or about 27,000 devices were being infected every hour. The Internet security firm said the volume of infections has fallen over the weekend, which may be due to Yahoo! Inc. (NASDAQ:YHOO)’s efforts. It’s still unclear who is behind the attack. But Fox IT thinks attackers are financially motivated. They might be selling control over the victims’ systems to other criminals.
Java is increasingly being targeted by attackers, indicating that it’s now a security menace. Vulnerabilities in Java have prompted a decline in its popularity. Many vendors are gearing up to block the technology outright. Experts recommend users to disable Java as a precaution if their browser supports it.
Yahoo! Inc. (NASDAQ:YHOO) shares gained 0.15% in pre-market trading to $40.18.
