Millions of users exposed to drive-by malware attacks that targeted Java bugs to install six types of malicious code
Yahoo.com visitors received an unexpected surprise beginning on New Year's Eve: advertisements that targeted their systems with malware.
The malicious advertising campaign was first spotted on Friday by Dutch information security consulting firm Fox-IT, which immediately warned Yahoo. Fox-IT said in a blog post that the attack advertisements -- which were being served by ads.yahoo.com -- used iFrames to hide malicious scripts. If a user clicked on the advertisement, they were redirected to a site that hosted the "Magnitude" exploit kit, which then attempted to exploit any Java vulnerabilities present on their system to install malware.
"The attackers are clearly financially motivated and seem to offer services to other actors," said Fox-IT, noting that the exploit kit behind the attacks dropped six different types of malware, including the Zeus banking Trojan, Dorkbot, and a click-fraud Trojan. The greatest number of users targeted by the malicious advertisements were in Romania (24%), the United Kingdom (23%), and France (20%), according to Fox-IT.
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024