Malicious ads served to Yahoo users were designed to transform computers into a Bitcoin mining operation, according to a security firm.
January 9, 2014 8:25 AM PST
The cybercriminals who infected the computers of European Yahoo users apparently wanted to create a huge Bitcoin network.
Researchers at security firm Light Cyber revealed this week that one of the malware programs aimed to use the resources of infected PCs to perform the calculations necessary to run a Bitcoin network. Revealed earlier this month by fellow security firm Fox IT, the campaign spread its package by using Yahoo’s ad server to deploy malicious ads.
The malware took advantage of vulnerabilities in Java to install itself on computers that visited the ads.yahoo.com site.
The malware attack reportedly lasted from December 31 through January 3, when Yahoo took down the malicious ads. On Saturday, Yahoo acknowledged the issue through the following statement:
At Yahoo, we take the safety and privacy of our users seriously. On Friday, January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware. We promptly removed these advertisements. Users in North America, Asia Pacific and Latin America were not served these advertisements and were not affected.
Additionally, users using Macs and mobile devices were not affected.
So far, Yahoo hasn’t revealed any details on the infected computers or publicly advised affected users on what they should do. But security firm Surfright shed a bit more light on the situation.
Not every ad on the Yahoo advertisement network contained the malicious iframe, but if you have an outdated version of Java Runtime (you can check here) and you used Yahoo Mail the last 6 days, your computer is likely infected.