A security firm in the Netherlands says they’ve found a malicious exploit kit hidden within Yahoo’s advertising network. The malware would redirect users to websites laced with exploits designed to take advantage of vulnerabilities in Java that would in turn install even more malware on the computers of unsuspecting victims.
Fox IT said the malware may have been delivered to up to 300,000 users per hour. Given the typical infection rate of nine percent, this would result in around 27,000 infections each hour. The rate has since slowed as of writing which suggests Yahoo is making progress in rectifying the issue.
True enough, the Internet pioneer said in a statement that they recently identified an ad designed to spread malware to some of their users. They immediately removed it and will continue to monitor and block any ads used for this type of activity.
Based on sample traffic, the firm found that countries most affected by the exploit kit include Britain, France and Romania. It’s unclear, however, why these regions are being targeted the most but the redirected traffic appears to be going to domains hosted in the Netherlands. What’s more, they weren’t able to determine who is behind the attack but the motivation is clearly financial.