Security researchers at Malwarebytes Labs have uncovered a large malicious advertising attack on Yahoo's advertising network.
Malwarebytes says the attack began on July 28, but Yahoo took down the campaign Monday. Still, many Web site visitors may already unknowingly feel the brunt of being infected, with an estimated 6.9 billion views a month across its network. Malvertising attacks do not require a site visitor to interact with the advertisement for the machine to become infected with malware or malicious software.
Think of these malware attacks as silent killers where the brand, the network, and the site visitors lose. When someone visits a site on Yahoo's network, a malicious advertisement may appear on the Web page. The code in the infected advertisement redirects the user's Web browser to an infected Microsoft Azure Web page, but the victim usually doesn’t even see that happen, according to Malwarebytes analysts.
The virus can steal any type of personal information including logins to bank records by hunting for an out-of-date version of Adobe Flash that it uses to take control of the computer, either holding it for ransom until the hackers were paid off or discreetly directing its browser to Web sites that paid the hackers for traffic.
Malwarebytes also found Monday a series of fake infection warnings on what analysts think are compromised Web sites. These are fake Android virus alerts. Described by Christopher Boyd, Malware Analyst at Malwarebytes, as "terrifying messages of impending doom on a mobile device are always more worrying than on a desktop, because many device owners may not be locking down their phones the way they do their PCs."
Boyd said for the Android fiasco there is no infection to worry about, just advertisements redirecting users to unwanted locations. He said that keeping the "Allow installs from unknown sources" box unticked and the "Very Apps" box ticked will not completely protect the phone and data, but it will keep it more secure.