Yahoo Ad Network Charged With Distributing Malware To Millions Of Users Outside Of US

According to a report this weekend on Washington Post’s technology blog The Switch, two Netherland internet security firms revealed that Yahoo’s advertising servers were inadvertently distributing malware. According to a statement from a Yahoo spokesperson sent to the Washington Post: At Yahoo, we take the safety and privacy of our users seriously. We recently identified […]

on January 6, 2014 at 11:26 am | Reading time: 2 minutes
Chat with MarTechBot

yahoo-logo-2013-cleanAccording to a report this weekend on Washington Post’s technology blog The Switch, two Netherland internet security firms revealed that Yahoo’s advertising servers were inadvertently distributing malware.

According to a statement from a Yahoo spokesperson sent to the Washington Post:

At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.

The statement from Yahoo prompted a follow-up report by the Washington Post clarifying that the malware attack had not affected users in North America, Asia Pacific and Latin America, or users on Mac and mobile devices. “Presumably that means that Windows users on other continents — including Europe, where the problem was first spotted — were hit by the attacks,” wrote Washington Post reporter Timothy Lee. Yahoo told the Washington Post that the malicious ads started on December 31.

The Netherland internet security firms that discovered the malware attacks were Fox IT and anti-virus software provider SurfRight. Fox IT published a blog post on January 3, reporting that some of the ads being served by ads.yahoo.com were malicious, redirecting users to an exploit kit:

Based on a sample of traffic we estimate the number of visits to the malicious site to be around 300k/hr. Given a typical infection rate of 9% this would result in around 27,000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Great Britain and France.

The Fox IT blog post went on to claim that their reports showed the attacks may have started as early as December 30, even though Yahoo claims the initial date the malware attacks began were December 31.

According to a post on SurfRight’s blog, the malware attacks may have resulted in click fraud, the disabling of anti-virus software, and theft of usernames and passwords.

Contributing authors are invited to create content for MarTech and are chosen for their expertise and contribution to the martech community. Our contributors work under the oversight of the editorial staff and contributions are checked for quality and relevance to our readers. The opinions they express are their own.

Add MarTech to your Google News feed.    Google News

Related stories

New on MarTech

About the author

Amy Gesenhues
Contributor
Amy Gesenhues was a senior editor for Third Door Media, covering the latest news and updates for Marketing Land, Search Engine Land and MarTech Today. From 2009 to 2012, she was an award-winning syndicated columnist for a number of daily newspapers from New York to Texas. With more than ten years of marketing management experience, she has contributed to a variety of traditional and online publications, including MarketingProfs, SoftwareCEO, and Sales and Marketing Management Magazine. Read more of Amy's articles.

Related topics

Performance marketing