So recently it was reported by a Netherlands security firm that Yahoo’s advertising network, ads.yahoo.com, was used to distribute malware to users mainly in Europe and Africa. Basically, malware targeting a visitor’s Java would download as soon as a user clicks on an infected ad. It’s not clear yet when this started but a report but one security firm, Fox-it, says it could have started as early as December 30. Yahoo itself acknowledged the problem and says they have fixed it.
With Internet penetration below 20% in Zambia and the region, one is tempted to think Africa is not a target for such malicious attacks, and one would be very wrong indeed. Hackers, compromising such platforms Yahoo’s ad network see an opportunity in the unwary user, relatively new to the Internet, and quite ready to click on ads inviting them to enjoy freebies and other such. The reality is that the malware underworld has woken up to the fact of a growing middle class in Africa, who are increasingly connecting to the Internet and using it for more than just email and some research.
It’s not clear yet what damage the Yahoo ad network distributed malware did but but that there are financial motivations behind the attack has been said to be a clear motive. Security first also suggest that the attackers could have been acting to offer whatever they get (password and credit card information from key logging for example) to other actors.
To protect yourself from such attacks, one needs to know that its not just happening in the developed countries, and that therefore they should keep wary of any signs of unscrupulous behaviour by websites. You should also updated anti-malware software that can detect it and prevent infection if an attempt is made.
For this specific attack, disabling Java would help as the software has basically been a favourite of hackers for a while now.