According to a Netherland-based security firm Fox IT, Yahoo.com is infected with malware exploit kit which are served through Yahoo’s ad network.
Users clicking on advertisements on the website are redirected to an infected website that installs different malwares on the users’s computer. “The earliest signs of infection detected by the firm go as early as December 30th,” according to the blog post.
According to the report, users in Romania, Great Britain and France appeared to have been affected the most by this malware attack, but even if you’re not residing in these countries and visited yahoo.com after December 30th, it’s recommended you scan your computer just in case. The report also mentions that the number of visits to the malicious site are around a massive 300k per hour.
According to Fox IT,
Based on a sample of traffic we estimate the number of visits to the malicious site to be around 300k/hr. Given a typical infection rate of 9% this would result in around 27.000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Great Brittain and France. At this time it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo.
Additionally, they also reported that Yahoo is aware of the problems, and are taking necessary steps to fix this problem.
“We recently identified an ad designed to spread malware to some of our users,” Yahoo said in a statement. “We immediately removed it and will continue to monitor and block any ads being used for this activity.”