Yahoo serves up New Year malware to European customers

Malware on binary

Yahoo has confirmed a number of ads on its European sites were serving malware to visitors for three days over the New Year period.

The issue was first noted by Dutch IT security company Fox-IT, which said in a blog post it had detected and investigated infections suffered by clients who had visited yahoo.com.

According to the organisation, those who clicked on the ads were redirected to a Magnitude exploit kit, which can install various different malware including ZeuS, Andromeda and Necurs.

The malicious ads first appeared on 31 December until 3 January, after Yahoo removed them.

A Yahoo spokesperson told IT Pro: "At Yahoo, we take the safety and privacy of our users seriously. From December 31 to January 3 on our European sites we served some advertisements that...spread malware. Users in North America, Asia Pacific and Latin America...were not affected. Additionally, users using Macs and mobile devices were not affected."

The company said it is continuing to monitor the adverts appearing on its sites for any other suspicious activity.

Further information for users will also be posted shortly, the spokesperson said.

Jane McCallion
Deputy Editor

Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.