Wednesday, August 19, 2015

Yahoo! - Helps to Distribute Malware

I have said it to countless customers and I say it again, publicly and absolutely clear:
If you see advertisements while browsing the internet
then your computer is not set up safely!
I have said it to countless customers and I say it again, publicly and absolutely clear:
Stay away from Yahoo!
And I mean Yahoo! everything; email, finance, sports, EVERYTHING that comes from Yahoo! 

Here is a literal quote from (bolding and links added by yours truly):
Malwarebytes Labs recently uncovered a large malvertising attack on the Yahoo! advertising network that started on July 28. Malwarebytes estimates that up to 6.9 billion readers could have been affected, making it one of the largest malvertising attacks Malwarebytes Labs has seen recently.
Malvertising is defined as crafted advertisements that intentionally infect the computers of anyone who visits the site. A tiny piece of code hidden deep in the ad will reroute your computer to criminal servers without your knowledge, which then determines how exposed your computer is and decides which piece of malware to send you.

In the case of the Yahoo ad, victims are infected with ransomware via the Angler Exploit Kit, but it’s possible that anything from banking Trojans to additional advertising fraud is also being used in this attack.

Malwarebytes said that the infection included Yahoo's main site, as well as subgroups like News, Finance, Sports, Celebrity, and Games. The ads route users to a site on Microsoft Azure, which eventually leads to the Angler Exploit Kit.

But, according to a friend at Malwarebytes, when you are running Adblock Plus or any other ad blocker, then the ad never plays, so no payload is delivered to your PC. So the malware doesn't ever get to touch your PC. Even if you don't click on the ad, the fact is it loads and becomes saved in your browser cache, so it does get onto your PC without the blocker.
My customers do not need to worry about malvertising, they all have Adblock Plus installed. All others please listen up:

If you use ANYthing from Yahoo! and/or
if you see advertisements when web surfing
then your computer is UNSAFE!

Do yourself a favor, get your computer cleaned up and secured.
As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

For whatever reason the darned TOC (table of contents) feature that I got from Google does not work any longer, sorry.

No comments: