Martech: Martech is Marketing Logo
  • Topics
    Digital Transformation
    Marketing Operations
    Data
    Customer & Digital Experience
    Performance Marketing
    Marketing Management
    Special Reports
    MarTech Topics
  • Conference
  • Webinars
  • Intelligence Reports
  • White Papers
  • What is MarTech
    Mission
    Staff
    Newsletter
    Search Engine Land
    Third Door Media

Processing...Please wait.

MarTech » Performance Marketing » Yahoo Ad Network Targeted In Malvertising Attack Seeking Flash Vulnerability

Yahoo Ad Network Targeted In Malvertising Attack Seeking Flash Vulnerability

The campaign was disabled after running for six days last week.

Ginny Marvin on August 5, 2015 at 10:40 am

yahoo-purple-sign-1920

A group of hackers took advantage of Yahoo’s popular network of sites to perpetrate a wide-spread attack on visitors to those sites through ads. The aim was to get malware onto users’ computers and take advantage of outdated versions of Flash running on their machines.

The malicious advertising (“malvertising”) campaign began on July 28, according to online security software firm Malwarebytes, which detected the activity. The New York Times reports that the hackers bought ads across the Yahoo network. When users on Windows machines visited those sites, the malicious ads could automatically download malware onto unprotected computers. The malware then searched for an outdated version of Adobe Flash through which it could take over the computer and either demand ransom from the user to get control back or generate revenue for the hackers by driving Web traffic to websites that pay them for visits.

A Yahoo spokesperson said of the attack, “As soon as we learned of this issue, our team took action and will continue to investigate this issue. Unfortunately, disruptive ad behavior affects the entire tech industry. Yahoo has a long history of engagement on this issue and is committed to working with our peers to create a secure advertising experience. We’ll continue to ensure the quality and safety of our ads through our automated testing and through the SafeFrame working group, which seeks to protect consumers and publishers from the potential security risks inherent in the online ad ecosystem.”

The campaign ran for about a week, according to Malwarebytes. Yahoo was able to stop the activity and remove the malware from the network soon after the security firm notified it.

It’s not clear how many users were affected by the campaign, but a Yahoo spokesperson told the Times that the “scale of the attack was grossly misrepresented in initial media reports, and we continue to investigate the issue.”

Exploiting Adobe Flash is not new, and continued vulnerabilities recently led Mozilla, Facebook and others to call for its end. Adobe is urging users to keep their versions of Flash up-to-date for “the latest security updates.”


Opinions expressed in this article are those of the guest author and not necessarily MarTech. Staff authors are listed here.


New on MarTech

    How clean, organized and actionable is your data?
    Replacement Survey: The top 5 solutions replaced
    What’s the biggest hidden secret in Google Ads?
    Native video tops social media in brand awareness study
    Worsening economy has more shoppers getting online info before making in-store purchases

About The Author

Ginny Marvin
Ginny Marvin was formerly Third Door Media’s Editor-in-Chief, running the day-to-day editorial operations across all publications and overseeing paid media coverage. Ginny Marvin wrote about paid digital advertising and analytics news and trends for Search Engine Land, Marketing Land and MarTech Today. With more than 15 years of marketing experience, Ginny has held both in-house and agency management positions. She can be found on Twitter as @ginnymarvin.

Related Topics

Performance Marketing

Get the daily newsletter digital marketers rely on.

Processing...Please wait.

See terms.

ATTEND OUR EVENTS The MarTech Conference logo.

September 28-29, 2022: Fall

Start Training Now: Master Classes

Start Discovering Now: Spring



The SMX Conference logo.

Start Training Now:: SMX Advanced

November 14-15, 2022: SMX Next

March 8-9, 2022: Master Classes

Webinars

Agencies: Grow Revenue Streams Through Web Accessibility & Compliance

Protect Your Paid Advertising Spend Against Ad Fraud and Invalid Traffic

Build an Integrated Search Strategy Across Google, Amazon and YouTube

See More Webinars
Intelligence Reports

Enterprise SEO Platforms: A Marketer’s Guide

Enterprise Identity Resolution Platforms

Email Marketing Platforms: A Marketer’s Guide

See More Intelligence Reports
Featured White Paper

Site Search 101

See More Whitepapers

Receive daily marketing news & analysis.

Processing...Please wait.

Topics

  • Transformation
  • Operations
  • Data
  • Experience
  • Performance
  • Management
  • All Topics
  • Home

Our Events

  • MarTech
  • Search Marketing Expo - SMX

About

  • What is MarTech
  • Contact
  • Privacy
  • Terms Of Use
  • Marketing Opportunities
  • Staff

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • Newsletters
  • RSS

© 2022 Third Door Media, Inc. All rights reserved.