Thousands of Yahoo users hit by 'malvertisements'
Most internet ads are either annoying (splashy car ads that freeze up your browser) or suspect (‘Try this one WEIRD way to get rid of your belly fat!’). But at the weekend, thousands of Yahoo users were infected with malware thanks to a bunch of dodgy adverts inserted into the Yahoo site.
The ads have since been taken down, but on Yahoo’s European sites hackers managed to post ads that directed users to a page that hosted something called the ‘Magnitude’ exploit kit. By targeting vulnerabilities in Java, the kit installs a bunch of crap on your computer, including trojans and ad-clicking malware.
Yahoo thinks these ads have been up since December 30th but it could be for longer, and at the moment nobody knows how they got there or even the motivation for the attack. But what makes these malvertisements super evil is that you don’t have to click anything – you just load a trusted website and bad things start to happen. (Unless you’re a Mac user – your shield of First World smugness will have protected you).
On Friday around 27,000 people an hour were being infected in the UK, Romania and France. If you’ve been malvertised at, you need to uninstall Java or disable it in your browser. In fact, you should probably do that anyway, because it’s bloody annoying.
You should also run a software update and update your security software. Oh, and get the hell off Yahoo –do you live in 1994 and buy your coffee at Central Perk?