Cybercriminals use different methods to gain access to your computers in a hope to get information they can use for their benefits. Most of the Internet users think that cybercriminals’ activities are limited to smaller websites only. But this proved wrong when Yahoo was found to be a victim of malvertising yesterday.
Malvertising is a method to download malicious code to your computers when you visit an infected website. The malicious code(s) are embedded in advertisements appearing on a website and download themselves to computers of users that visit the websites.
Malvertising is especially dangerous because it does not require any action on the users’ part such as clicking the ad. Simply visiting the infected website is enough to compromise users’ computers and/or other devices.
It is not known how long was Yahoo infected. The cybercriminals used Microsoft Azure based websites to host malicious codes that were used in the malvertising attack on Yahoo.
Researchers at Malwarebytes were the first to detect the malicious infected advertisements on Yahoo’s main page. They notified Yahoo on Monday following which, Yahoo took down the malicious advertisements.
The Internet traffic to Yahoo is approximately 6.9 billion users per month. With that kind of numbers visiting Yahoo over the past few days, it is not easy to determine how many computers were infected due to the malicious advertisements. According to Jerome Segura, the senior security researcher at Malwarebytes, the attack might have started on July 28, 2015 and continued up to Monday (Aug 3, 2015) when Yahoo took down the ads as follow up to the notice sent to Yahoo by Malwarebytes. In his blog, Jerome said that it is one of the biggest malvertising attack seen till date.
Meanwhile, Yahoo said that it blocked the advertiser but declined to comment on the possible number of computers infected. It said that the impact of attack was grossly misrepresented by media and that they were investigating the issue.