Yahoo falls victim to huge ‘malvertising’ attack
Internet firm Yahoo has fallen victim to an unprecedented ‘malvertising’ attack after hackers broke into its ad network, according to security firm Malwarebytes.
According to the firm hackers exploited a vulnerability in Adobe Flash on 28 July to make their entry and propagate through Yahoo’s ads for a week, potentially putting up to 100m monthly visitors to yahoo’s suite of sites at risk.
Jérôme Segura, a senior security researcher at Malwarebytes who first discovered the breach, said: “This [is] one of the largest malvertising attacks we have seen recently.”
In a statement a Yahoo spokesperson said: “As soon as we learned of this issue, our team took action to block this advertiser from our network.
“We take all potential security threats seriously. With that said, the scale of the attack was grossly misrepresented in initial media reports and we continue to investigate the issue.”
Yahoo is working to encrypt its ad network connections and has already installed end-to-end encryption for Yahoo Mail.