Flash bites again: Huge malware campaign on Yahoo ads hits millions

Page 1 of 2 12 LastLast
    Flash bites again: Huge malware campaign on Yahoo ads hits millions

    Flash bites again: Huge malware campaign on Yahoo ads hits millions


    Posted: 05 Aug 2015

    Yahoo has shut down a massive malware campaign that may have affected millions of visitors to its sites.

    Yahoo confirmed it had stopped the scheme, which began last week, which had been using Yahoo's ad network to infect end users PCs with malware. 'Malvertising', as it's known, is an increasingly common technique where an attacker essentially tricks an automated ad network into delivering malware embedded in ads. Malvertising is a silent killer because malicious ads do not require any type of user interaction in order to execute their payload. The mere fact of browsing to a website that has adverts (and most sites, if not all, do) is enough to start the infection chain," said Jérôme Segura, a senior security researcher at Malwarebytes, the security company that discovered the attack.

    According to Segura, over nearly a week the malicious ads, which were served through ads.yahoo.com, redirected Yahoo visitors to several different domains that ultimately exposed them to the Angler exploit kit. Some of those redirect domains were hosted on Microsoft's Azure, the researcher noted.

    Exploit kits contain attacks for flaws in widely-used browser plugins for Chrome, Firefox and Internet Explorer, such as Adobe's Flash Player, Oracle's Java, Microsoft's Silverlight, and others. Typically the exploits target computers running outdated versions of the plugins.

    Researchers revealed last week that another exploit kit dubbed RIG was infecting machines at a rate of 27,000 per day, primarily using malicious ads and a cocktail of recent Flash Player flaws.
    Source
    labeeman's Avatar Posted By: labeeman
    05 Aug 2015


  1. Posts : 1,811
    W7 Ultimate SP1 (64 bit), LM 19.2 MATE (64 bit), W10 Home 1703 (64 bit), W10 Pro 1703 (64 bit) VM
       #1

    Another good reason to ban Internet advertising (and Flash).

    "Old Media" should lobby the Government; "No one has ever caught PC malware from a newspaper ad."
      My Computer


  2. Posts : 22,740
    Windows 10 Home x64
       #2

    lehnerus2000 said:
    Another good reason to ban Internet advertising (and Flash).
    I could agree with Flash but Internet advertising is how John and others pay for sites like this one.
      My Computer


  3. Posts : 1,811
    W7 Ultimate SP1 (64 bit), LM 19.2 MATE (64 bit), W10 Home 1703 (64 bit), W10 Pro 1703 (64 bit) VM
       #3

    BunnyJ said:
    I could agree with Flash but Internet advertising is how John and others pay for sites like this one.
    I have no real objection to static ads (they could use gifs just like in the "Good Old Days").
      My Computer


  4. Posts : 22,740
    Windows 10 Home x64
       #4

    lehnerus2000 said:
    I have no real objection to static ads (they could use gifs just like in the "Good Old Days").
    +1.. add flash to anything can be problematic at best.
      My Computer


  5. Posts : 11,247
    Windows / Linux : Arch Linux
       #5

    lehnerus2000 said:
    Another good reason to ban Internet advertising (and Flash).

    "Old Media" should lobby the Government; "No one has ever caught PC malware from a newspaper ad."

    Hi there

    Actually not quite true -- well you can't get PC malware but you most certainly can get Scammed -- people have often replied via Newspaper ads to "Scams" etc -- in particular - "Ponzi Schemes" and Investment Boiler House schemes. There are all sorts of other Scams one could get lured into via a newspaper Ad. What about "Timeshares" on non existent properties etc etc.


    Scams have been around since Man ever started trading -- it's just that it's probably easier to become a "Scamee" (i.e a Victim) much quicker using the Internet than by using other conventional ways of advertising.

    The only way you could stop Scams is to ban TRADING of any sort -- That's just not going to happen.

    Education is the only answer :

    Remember "The Price of Education is expensive -- but the price of Ignorance is Astronomical". I don't know who first said that but it's even truer today than probably when that phrase was first coined.

    I do agree though Non Static ads are HUGELY irritating -- I can live with some STATIC advertising on sites -- things do have to be paid for - but irritating the customer seems the wrong way to go about it - especially as it leads to POORER security too.

    Cheers
    jimbo
      My Computer


  6. Posts : 19,516
    W11+W11 Developer Insider + Linux
       #6

    For very long time now I have Flash set to ask to initialize and don't have no Flash based live adds but at most leave black holes on screen. Wander if any of adds are made in HTML5 ?
      My Computers


  7. Posts : 360
    Windows 10 Pro x64
       #7

    Three programs that I keep off my computers are Adobe Acrobat, Java and Adobe Flash. Prevents a lot of problems.
      My Computer


  8. Posts : 1,557
    W10 32 bit, XUbuntu 18.xx 64 bit
       #8

    How do you tell if your infected or not? The way I back-up recently may have saved me. However, I may need to re-do a clean install of 10 and delete the backup image of windows 10. Firefox defaults to yahoo for search results.
      My Computer


  9. Posts : 19,516
    W11+W11 Developer Insider + Linux
       #9

    There's no guarantee that you will be infected, odds of getting infected are not great. Some unusual activity may suggest infection but there are many other more dangerous things. Malwarebytes and others like that can detect and clean, I also use Advanced cleaner and Avast Browser Cleanup.
    FF can be set to use Google and other search engines by default.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 02:36.
Find Us




Windows 10 Forums