Security researchers at Fox IT say they’ve detected a malicious exploit kit among Yahoo’s ad network active since December 30th. The malware seems to have hit Romania, Great Britain, and France the hardest, but wherever you are, if you’ve browsed a Yahoo site this week, you may want to run a scan or two.
Two Internet security firms have reported that Yahoo’s advertising servers have been distributing malware to hundreds of thousands of users over the last few days. The attack appears to be the work of malicious parties who have hijacked Yahoo’s advertising network for their own ends. Fox IT, a security firm based in the Netherlands, wrote a blog post on Friday describing the problem. “Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious,” the firm reported. Instead of serving ordinary ads, the Yahoo’s servers reportedly sends users an “exploit kit” that “exploits vulnerabilities in Java and installs a host of different malware.”