By Staff Reporter (staff@latinospost.com) | First Posted: Jan 07, 2014 09:30 PM EST
Tags Yahoo!, Yahoo malware attack, Yahoo update, Yahoo malware attack update

Thousands of Yahoo! users, especially those in Great Britain, Romania, and France, have been scratching their heads over out-of-the-blue advertisements whenever they visited the site. Fox IT, a Netherlands-based security firm, said that's because Yahoo's ad servers have been infiltrated by "malicious parties" who used the said network "for their own ends." What end? Apparently, to launch malware attacks.

"Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious," Fox IT reported in its blog Friday. This means that, instead of showing the usual ads, Yahoo's servers sends users an "exploit kit" that enables them to take advantage of the "vulnerabilities in Java" and install various malware.

"Given a typical infection rate of 9%, this would result in around 27,000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Great Britain and France. At this time it's unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo," Fox IT explained in its update. "It is unclear which specific group is behind this attack, but the attackers are clearly financially motivatedand seem to offer services to other actors."

The Washington Post reported that Mark Loman, another security researcher from the Netherlands, has also observed the malware attack.

Yahoo has issued a response to the press regarding the exploit:

"At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.

"From December 31 to January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines -- specifically, they spread malware. On January 3, we removed these advertisements from our European sites."

The said attacks didn't affect users in the Asia Pacific, North American, and Latin American regions. Those using mobile devices and Macs were also spared from the attack.

Interestingly, the firm has not posted the said statement in its Tumblr blog.

© 2015 Latinos Post. All rights reserved. Do not reproduce without permission.