Extensive Malvertising Campaign Targets Yahoo!
Christopher Files / 3 years ago
This Malvertising Campaign is no longer active having been reported to Yahoo by Anti Malware blocker Malwarebytes, it’s still newsworthy to note the stats and techniques which targeted yahoo Ad Network for now and future reference.
According to the following statistics, yahoo and its combined websites has an estimated 6.9 Billion visits per month, which makes this attack one of the biggest targeted attacks seen recently.
- www.yahoo.com | 6.9B monthly visits
- news.yahoo.com | 308.50M monthly visits
- finance.yahoo.com | 135M monthly visits
- sports.yahoo.com | 112.50M monthly visits
- celebrity.yahoo.com | 66.60M monthly visits
- games.yahoo.com | 43.40M monthly visits
The attack leverages Microsoft Azure websites with the following domains being used,
This chain of events leads to the infamous Angler Exploit kit which attempts to exploit known software vulnerabilities within a person’s computer. Think of it like this, your browsing the web for cat pictures, you arrive at a site which contains a malicious link or ad, without clicking on the advert, the tool attempts to find and exploit for example a Flash or another program bug, if it’s successful it will then attempt to compromise said computer. Angler is also known for spreading the rise of Crypto Ransomware which is extremely dangerous. To allow myself a plug, and this is my first one, here’s a link to an article which I have written concerning the Windows 10 Crypto Malware.
Malware within adverts is hugely popular because it does not need the user to click on the ad for the Malware to spread. The nature of the Internet pushes these attacks at a phenomenal rate which exploits the globe. Always update your plug-ins, software, Anti Virus and Windows patches on a regular basis, we all know Flash is about as breakable as a glass hammer. Unless Adobe adapts, it will be remembered in nostalgia circles rather than a current product.
It may be wise to either uninstall or change Adobe Flash’s settings to “Ask to Activate”
Thank You Malwarebytes for providing us with this information.