Yahoo serves up New Year malware to European customers

Malicious adverts infect users’ computers.

Malware on binary

Yahoo has confirmed a number of ads on its European sites were serving malware to visitors for three days over the New Year period.

The issue was first noted by Dutch IT security company Fox-IT, which said in a blog post it had detected and investigated infections suffered by clients who had visited

According to the organisation, those who clicked on the ads were redirected to a Magnitude exploit kit, which can install various different malware including ZeuS, Andromeda and Necurs.

The malicious ads first appeared on 31 December until 3 January, after Yahoo removed them.

Advertisement - Article continues below
Advertisement - Article continues below

A Yahoo spokesperson told IT Pro: "At Yahoo, we take the safety and privacy of our users seriously. From December 31 to January 3 on our European sites we served some advertisements that...spread malware. Users in North America, Asia Pacific and Latin America...were not affected. Additionally, users using Macs and mobile devices were not affected."

The company said it is continuing to monitor the adverts appearing on its sites for any other suspicious activity.

Further information for users will also be posted shortly, the spokesperson said.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019

Best free malware removal tools 2019

23 Dec 2019

Best antivirus for Windows 10

3 Sep 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020