Yahoo has been attacked by hackers for seven days infecting the company's ad network. Hackers took advantage of the software Adobe Flash to perform the attack. Ad networks of the company have been carrying malware that affected a number of users.
The 'malvertising' attack which began on July 28 allowed invaders to send and spread malicious bits of code to the devices of users visiting the site. Yahoo only discovered and addressed the issue after a week.
A Yahoo spokesperson said that, "As soon as we learned of this issue, our team took action to block this advertiser from our network."
Yahoo gains more than 100 million visitors each month but the company refused to reveal the exact number of users affected by the threat. The tech company also clarified that the number stated in initial reports was clearly misrepresented.
Yahoo assured the users who are now anxious about their security that they take all kinds of threats seriously. The company ensured users that they are committed to offering safe and reliable experience.
Malvertising is a common way for hackers to trick users with an automated ad network which contains embedded malware. The method is considered as a silent killer since it does not require user interaction to execute payload. Simple browsing to websites can already cause an infection chain to start.
Google suffered from the same malvertising attack last year. Hackers made use of the 'DoubleClick', the company's advertising service. The company addressed the issue by encrypting all the DoubleClick ads.
Jérôme Segura, a senior security researcher at Malwarebytes, the company that discovered the threat revealed who are responsible for the attack. Segura stated that the crime was committed by the same group of cybercriminals that are causing large-scale attacks to other firms.
Malwares sent by hackers usually target outdated versions of the Adobe Flash.