The news article below says it was only a few countries in Europe and Mac people are safe. But I can tell you as a Mac using American, I was hit. ...I finally recovered just moments ago. It took me all night to purge the malware and restore my system. I recommend all you Flickr users run a sweep on your system and look for JAVA exploits. (btw, JAVA effects Mac and PC alike.)
News Article HERE
UPDATED News HERE:
UPDATED News HERE:
Yahoo Ads Hack Spreads Malware
Millions of users exposed to drive-by malware attacks that targeted Java bugs to install six types of malicious code. by Mathew J. Schwartz
Yahoo.com visitors received an unexpected surprise beginning on New Year's Eve: advertisements that targeted their systems with malware. The malicious advertising campaign was first spotted on Friday by Dutch information security consulting firm Fox-IT, which immediately warned Yahoo. Fox-IT said in a blog post that the attack advertisements -- which were being served by ads.yahoo.com -- used iFrames to hide malicious scripts. If a user clicked on the advertisement, they were redirected to a site that hosted the "Magnitude" exploit kit, which then attempted to exploit any Java vulnerabilities present on their system to install malware. "The attackers are clearly financially motivated and seem to offer services to other actors," said Fox-IT, noting that the exploit kit behind the attacks dropped six different types of malware, including the Zeus banking Trojan, Dorkbot, and a click-fraud Trojan. The greatest number of users targeted by the malicious advertisements were in Romania (24%), the United Kingdom (23%), and France (20%), according to Fox-IT. By late Friday, Fox-IT reported that "traffic to the exploit kit has significantly decreased," meaning that whatever steps Yahoo was taking to block the attack appeared to be working. How long did the attacks last? Fox-IT said the attacks appeared to have begun on Monday, Dec. 30. Yahoo initially disagreed, saying in a statement on Friday, Jan. 3, that the attacks had started that day. But by Monday, the company had revised its assessment. "Upon further investigation, we discovered that the advertisements were served between December 31 [to] January 3 -- not just on January 3," a company spokeswoman said via email. Yahoo said it acted quickly after learning of the attacks, and said they appeared to target only European users. "These advertisements were taken down on Friday, January 3," the spokeswoman said. "Users in North America, Asia Pacific, and Latin America were not served these advertisements, and were not affected. Additionally, users using Macs and mobile devices were also not affected." "We will continue to monitor and block any advertisements being used for this activity," she added. "We will be posting more information for our users shortly." How many Yahoo.com visitors may have been exploited by the attacks? By Fox-IT's reckoning, based on the sample traffic it recorded -- about 300,000 visitors to the malicious site per hour -- and malware being dropped onto an average of 9% of those systems, it's likely that about 27,000 systems were infected every hour. Assuming that the attack campaign lasted for three days, that means 2 million Yahoo users may have been infected by malware via the attack campaign. Who launched the attacks? That's not clear, although the exploit kit used by attackers "bears similarities to the one used in the brief infection of PHP.net in October 2013," said Fox-IT. In that attack, two of the servers running the PHP.net site were hacked and used to serve JavaScript malware. This isn't the first information security or infrastructure snafu to affect Yahoo users in recent months. In September, the company introduced a "Not My Email" button after users of recycled account names reported that they'd received sensitive personal information intended for former accountholders. Last month, meanwhile, some users of Yahoo Mail -- which CEO Marissa Mayer has made a priority of overhauling, and which was redesigned in June 2013 -- were unable to access their webmail for up to three days. Yahoo's senior VP of communications products, Jeff Bonforte, apologized for the email outage, which he said resulted from "a hardware problem in one of our mail data centers," and which had been "harder to fix than we originally expected."
Ugh... WHAT a way to start the year already.... *sigh* gonna start exorcism my laptop
ReplyDeletelol. Yeah. *hands you some holy water to sprinkle on your digital devices*
Delete