Researchers at Malwarebytes, an anti-malware vendor, uncovered a large scale attack targeting Yahoo customers via Yahoo’s advertising network. Malwarebytes notified Yahoo about it and the “malvertising” marketing campaign is now no longer in progress.
The attack was possible as a result of Flash vulnerabilities in unpatched versions of Flash, even perhaps the same vulnerabilities that force Mozilla to block Flash by default in its browser for a number of days until Adobe released a patch. Not all Flash users have updated to the latest version, though, which implies they’re still susceptible to these highly dangerous security exploits.
Yahoo owns large Web properties with an estimated 6.9 billion monthly visits, based on data from SimilarWeb, which implies even if a small proportion of those visits resulted in malware installation on the users’ PCs, it might still affect millions of individuals.
Malvertising is particularly dangerous because it requires no action from the user, and it can download and install itself automatically on the user’s PC (assuming the user is on a Standard account and not an Administrator one, and the User Account Control protection is weak enough to be bypassed, or the malware makes use of native privilege escalation zero-days).
The malware can even install “ransomware” on users’ computers and lock their files till the customers pay the criminals.
Recently, Flash has been a lot in the news, with even Facebook saying it hurts their business. Apple and Twitch have already ditched Flash. Users are advised to either update their version of Flash or disable it completely.
We at GadgTecs think Flash should be abandoned by now. HTML5 is not perfect, but much secure and better alternate.
[…] Crucially, the move will also help kill the spread of malware via malicious Flash files, particularly dodgy adverts which have popped up on sites used by millions and millions of individuals (hint: like Yahoo!) […]
[…] Crucially, the move will also help kill the spread of malware via malicious Flash files, particularly dodgy adverts which have popped up on sites used by millions and millions of individuals (hint: like Yahoo!) […]
Hi Amna, I saw something like this even in my Mozilla browser when I opened yahoo mail.Flash is not safe for advertising,why they not use html5 is working and any device with any platform.
Yahoo problem can be resolved by the above information as the information provides is totally relevant to the Yahoo conflicts. There is some problem may also occur in the forwarding Yahoo mails to the Gmail account. this can be done by enable the auto mail forward option.
Yahoo email auto-forward features disabled? Here we have provided steps-by step instruction on how to enable your Yahoo mail account.
Add your Yahoo email account to outlook with the help of support team or some instructions. Or contact with Yahoo email customer support team.