Malware advertising on Yahoo.com has infected thousands of website visitors through desktops and mobile devices.
The Internet security firm Fox-IT broadcast the malware infection on Jan. 3rd, which entailed malicious ads being served by ads.yahoo.com using cross-site scripting. The iframes from the ads were directed to infect files on non-Yahoo servers.
Visitors were redirected to an exploit kit called “Magnitude.”
For the malware ads to be downloaded, the visitors did not have to click on the specific malware ad. The iframe-based attack also shows Web ad servers need not be compromised. So just by seeing the ad you are at risk of being infected!
Oscar Marquex, the chief product officer at Redwood City, California based cloud security provider Total Defense, has predicted larger attacks as a way of infecting as many systems as possible.
Marquez believes the party involved with the Yahoo.com attack was just “testing the water”. It is forecasted more intricate exploits will be seen as hackers seek to establish a “distribution model” based on effective iframe attacks.
China-based hackers are copying security breaches like the Yahoo malware ad attack to develop new exploits.
The enterprise customers will seek every possible security angle to see what advantage hackers have on vulnerabilities.
After detecting the malicious ads on Yahoo.com, Fox-IT said it investigated the infection of its clients’ systems that visited the website. Based on the traffic, Fox-IT estimated the number of visits to the malicious site is about 300,00 per hour. That is an infection rate of 9%, and is projected to have about 27,000 infections an hour.
The Yahoo attack raises concerns about third-party security, especially with ad networks. The attack displays a “thriving marketplace” for malware atacks and security threat.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
Malvertising attacks via Yahoo ads may precede broader iframe attacks – Search Security