Yahoo Ad Network Charged With Distributing Malware To Millions Of Users Outside Of US

yahoo-logo-2013-cleanAccording to a report this weekend on Washington Post’s technology blog The Switch, two Netherland internet security firms revealed that Yahoo’s advertising servers were inadvertently distributing malware.

According to a statement from a Yahoo spokesperson sent to the Washington Post:

At Yahoo, we take the safety and privacy of our users seriously. We recently identified an ad designed to spread malware to some of our users. We immediately removed it and will continue to monitor and block any ads being used for this activity.

The statement from Yahoo prompted a follow-up report by the Washington Post clarifying that the malware attack had not affected users in North America, Asia Pacific and Latin America, or users on Mac and mobile devices. “Presumably that means that Windows users on other continents — including Europe, where the problem was first spotted — were hit by the attacks,” wrote Washington Post reporter Timothy Lee. Yahoo told the Washington Post that the malicious ads started on December 31.

The Netherland internet security firms that discovered the malware attacks were Fox IT and anti-virus software provider SurfRight. Fox IT published a blog post on January 3, reporting that some of the ads being served by were malicious, redirecting users to an exploit kit:

Based on a sample of traffic we estimate the number of visits to the malicious site to be around 300k/hr. Given a typical infection rate of 9% this would result in around 27,000 infections every hour. Based on the same sample, the countries most affected by the exploit kit are Romania, Great Britain and France.

The Fox IT blog post went on to claim that their reports showed the attacks may have started as early as December 30, even though Yahoo claims the initial date the malware attacks began were December 31.

According to a post on SurfRight’s blog, the malware attacks may have resulted in click fraud, the disabling of anti-virus software, and theft of usernames and passwords.

Related Topics: Channel: Display Advertising | Yahoo: Advertising


About The Author: is Third Door Media's General Assignment Correspondent, and reports on the latest news and updates for Marketing Land and Search Engine Land. From 2009 to 2012, she was an award-winning syndicated columnist for a number of daily newspapers from New York to Texas. With more than ten years of marketing management experience, she has contributed to a variety of traditional and online publications, including,, and Sales and Marketing Management Magazine. Read more of Amy's articles.

Connect with the author via: Email | Twitter | Google+ | LinkedIn

Marketing Day:

Get the top marketing stories daily!  


Other ways to share:

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. You can read more about our comments policy here.

Comments are closed.

Get Our News, Everywhere!

Daily Email:

Follow Marketing Land on Twitter @marketingland Like Marketing Land on Facebook Follow Marketing Land on Google+ Subscribe to Our Feed! Join our LinkedIn Group Check out our Tumblr! See us on Pinterest


Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States


Australia & China

Learn more about: SMX | MarTech

Free Daily Marketing News!

Marketing Day is a once-per-day newsletter update - sign up below and get the news delivered to you!