Yahoo Advertising Serves Up Malware For Thousands 184
wjcofkc writes "Thousands of users have been affected by malicious advertisements served by ads.yahoo.com. The attack, which lasted several days, exploited vulnerabilities in Java and installed malware. The Netherlands based Fox-IT estimates that the infection rate was at about 27,000 infections per hour. In response to the breach in security, Yahoo issued the following statement, 'At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.' While the source of the attack remains unknown, Fox-IT says it appears to be 'financially motivated.' The Washington Post cites this incident as a reminder that Java has become an Internet security menace."
Source Unknown? (Score:5, Interesting)
Source unknown? Bullshit! Yahoo didn't run the ads without payment. Payment == traceable. Or is Yahoo accepting Bitcoins now?
adaware (Score:5, Interesting)
Re:Yahoo is getting worse everyday (Score:5, Interesting)
yep, blocked *.yahoo at the point i noticed them installing psudo-malware with uTorrent (the persistent default search engine replacement software which uses far more CPU time than something that supposedly just monitors search engine settings and resets them to Yahoo should. It was very malware like in it's choice of installation folder too and of course the fact it was both unwanted and self-repairing)
once a company starts doing that shit they end up on my block list, permanently. uTorrent made it too for bundling the crap.
sounds like I dodged a bullet by having them blocked.
Re:Become? (Score:5, Interesting)
RequestPolicy for FireFox is great as well.
Re:And this is why... (Score:4, Interesting)
ScriptSafe + DoNotTrackMe + Ghostery + AdBlockPlus are what I have in Chrome.
ScriptSafe does about the same as NoScript.
Re:Image/text only ads (Score:4, Interesting)
Re:Image/text only ads (Score:4, Interesting)
I use NoScript all the time. Just recently...the last few week actually...I started noticing that a number of things on yahoo finance just plain stopped working because they required javascript from yimg.com...as if I'm going to allow that...ffs.