A week ago, an ad-related malware attack was first reported by Yahoo and now the company has provided some additional information concerning it. It has been said that this malware attack affected about 2 million PC users and it also put the personal information of all Yahoo users in jeopardy. The company further detailed that the attack seemingly started about four days before it was previously thought of and it is also possible that some people outside of Europe may also have been hit.
On Friday, the company made a post on its Yahoo Help website through which it informed people that although the bulk of the malicious advertisements had targeted European users, there might be a small number of users outside Europe who may have suffered at the same time. Previously, FoxIT, a security company based in Netherlands had announced that the countries, which were hardest hit by the attack included Romania, France and the UK. Yahoo also mentioned on Friday that between December 27th and January 3rd, there was a good chance that some Yahoo service users had been affected. Initially, the company had announced that the attack had occurred on 3rd January, but they later changed the dates and said it was between December 31st and 3rd January.
Before the issue was addressed by Yahoo, malware might have been served to visitors on Yahoo websites and also users of other services such as Yahoo IM and Yahoo Mail through the Yahoo network. Surfright, another Dutch security company had stated earlier this month that because of the malware campaign, about 2 million computers had been affected and this malicious code could also include exploits such as the disabling of antivirus software, the theft of usernames and passwords and control of computers via remote control. It isn’t clear as yet if the new date announced is an indicator of the increasing number of computers that have been affected.
Light Cyber, a security company based in the US said that the purpose of the malware programs was to move the infected machines into a Bitcoin mining operations. On January 5th, it was also announced by Surfright that the malicious iframe was not a part of every advertisement that exists on the Yahoo network. However, it was highly likely that your computer was infected if uses have used Yahoo Mail services for the last six days or their computer is functioning on an outdated version of Java Runtime. Yahoo also asserted clearly that individuals who used the company’s services on mobile devices or Macs were not susceptible to the infection.
In the latest post of the company, Yahoo also clarified that an account was compromised and that’s how the attack took place. The company mentioned that the account had been shut down and they were diligently working with the law enforcement for investigating this issue. Yahoo announced that users who are worried regarding their security should install the latest patches and should update their Java and Adobe software in order to reduce the risk.