The technique, which is growing at an alarming rate, works when an attacker tricks an automated ad network into delivering ads with malware embedded in them.
The attack, which reportedly began on 28 July, targeted Yahoo's ad network and leveraged Microsoft Azure websites to spread the Angler Exploit Kit to the desktop PCs of unsuspecting site visitors, the researchers noted. The kit's market share has exploded from 25 percent to 83 percent this year, according to Fraser Howard, a researcher at SophosLabs.
“With the pure scale and size of Yahoo, many people may have fallen victim to this attack,” Grayson Milbourne, security intelligence director at Webroot, told SC Magazine.
Yahoo and AOL users were previously infected in January 2014, and Yahoo was hit with a similar attack again in October. Additionally, DoubleClick, Google's ad network, was attacked in September 2014, with a repeat in January.
According to RiskIQ, malvertisements grew 260 percent between January and June over the same period last year. The number of unique malvertisements leaped 60 percent year over year.
Yahoo noted in a statement to Malwarebytes that it is “committed to ensuring that both our advertisers and users have a safe and reliable experience.”
The statement from Yahoo also says it will continue to “ensure quality and safety” of its ads through automated testing and through the SafeFrame working group. This alliance works to protect web users from security risks inherent in the online ad ecosystem.
Milbourne advised users to select the Chrome browser as well as an ad-removal extension. “When in doubt, steer clear and stay safe.”