Yahoo’s advertising server in Europe ‘spreading’ malware

Yahoo’s advertising server has been attacked by malware, affecting thousands of users in several countries who viewed ads during the past few days.

According to the Internet security firm Fox IT, which discovered the malware bug, it has been claimed that about 300,000 users had been viewing the malware infected ads every hour.

Fox IT said in a statement that given a typical infection rate of 9%, this would result in around 27,000 infections every hour.

"Based on the same sample, the countries most affected by the exploit kit are Romania, Great Britain and France," internet security firm said.

"At this time it’s unclear why those countries are most affected, it is likely due to the configuration of the malicious advertisements on Yahoo."

The latest malware exploits vulnerabilities in Java and installs some malware to the user’s device such as ZeuS, Andromeda, Dorkbot, Tinba or Necurs.

With most of affected users being limited to European countries including Romania, Britain and France, the latest malware did not affect users in other countries including Asia Pacific, North America and Latin America.

Yahoo said in a statement on Friday that the company served some advertisements on its European sites that did not meet its editorial guidelines, specifically, they were designed to spread malware.

"We promptly removed these advertisements. Users in North America, Asia Pacific and Latin America were not served these advertisements and were not affected," the internet major said.

"Additionally, users using Macs and mobile devices were not affected."