From PC World: Yahoo said Monday it had removed malware from its advertising network, after malicious code there had gone undetected for at least six days.
Security researchers at Malwarebytes said they discovered malicious ads planted in Yahoo’s network on Sunday and alerted Yahoo. The malware attack had been underway since last Tuesday, wrote Jerome Segura, a senior security researcher at Malwarebytes Labs.
The malware was found in Yahoo’s ads network at ads.yahoo.com, which runs ads across Yahoo’s sites like its finance, games and news portals, as well as Yahoo.com. Users may have come across the infected ads when visiting Yahoo’s sites.
A Yahoo spokeswoman declined to say how many advertisers were affected.
The attack used a method known as malvertising, in which attackers dupe online publishers into running malicious ads. They look like any other ads and may not require any interaction from users to infect their machines. If a visitor comes across a malicious ad, it can cause their browser to redirect to another site that attacks their computer.
View: Article @ Source Site
