Yahoo’s advertising server was hit by a malware attack, sending malicious ads out to thousands of users around the world.
An Internet security firm, Fox-IT, said the malware actually contained an “exploit kit” that rooted out and exploited vulnerabilities in Java, and installed malicious programs, CNN reported.
“Clients visiting yahoo.com received advertisements served by ads.yahoo.com,” the Internet security firm said, in a statement reported by CNN. “Some of the advertisements are malicious.”
Yahoo said it’s aware of the attack and is currently blocking the infected ads. But tens of thousands have already been impacted.
“Given a typical infection rate of 9 percent, this would result in around 27,000 infections every hour,” the company said, CNN reported. “Based on the same sample, the countries most affected by the exploit kit are Romania, Great Britain and France. At this time, it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo.”
The bigger threat from the malware: If the computer with the malware is hooked up to a network, hackers can break into other systems.