Yahoo is responding to reports now that it has been harboring “malvertising” on its advertising network.
Researchers at Malwarebytes Labs uncovered the problem, and published a post about it on Monday.
A rep for Malwarebytes Labs sent PR Daily the following explanation of the problem:
How this particular attack works is that first, a victim visits the Yahoo! website. At that point, a malicious advertisement may appear on the web page, unbeknownst to them. When it does, the user’s web browser is silently redirected to an infected Microsoft Azure web page—but the victim usually doesn’t even see that happening. Once that happens, the victim is redirected again to what’s called an exploit kit, which are packaged attacks that cybercrooks sell to one another. And when that occurs, the victim is infected with anything from ransomware (which encrypts your personal files and documents and holds them for a hefty ransom) to banking Trojans (which steal your online banking log-in credentials).