• by P.J. Bednarski , Staff Writer @pjbtweet, August 4, 2015

Have you been the victim of an Internet bug? A hacker? Malware? Once, it seems to me, it was more of a news story you read about without any urgent concern it was going to happen to you. 

Now, I have dozens of friends and acquaintances who’ve been “compromised.” It is now commonplace, and the latest common place it’s happened is on Yahoo sites.

For much of last week, the ad network used by Yahoo’s most popular domains was targeted by cyberthugs hoping to spread malware to millions of visitors to the sites. That’s a huge number. Yahoo has nearly 7 billion visitors a month to the affected sites, which include makes that a king-sized crime.  

Yahoo stopped it as soon as it heard about it from Malwarebytes.com, a security firm. But anyone who visited such popular sites as Yahoo news, or finance or sports or gaming was potentially exposed.

“Malvertising is a silent killer because malicious ads do not require any type of user interaction in order to execute their payload,” the Malwarebytes blog says.  “The mere fact of browsing to a Website that has adverts. . . is enough to start the infection chain. . . The complexity of the online advertising economy makes it easy for malicious actors to abuse the system and get away with it.”

The blog said the Yahoo attack was one of the biggest recently, and was a kind of appropriate exit for the month of July.

Malwarebyes says June and July were record months for malvertising, a crime that is aided by programmatic selling where volume, speed and price make it a comfortable work environment, because the devil in this case is really buried deeply in the coding details. You’ll never know you’ve been tagged. As Malwarebytes notes, it even affects the users who are careful to give wide berth to practices they encounter online “that look or feel ‘wrong.’”

None of that matters with malvertising. “Rather, you go to a Website you trust (like a news site or similar) and the adverts are secretly injecting criminal software onto your computer. This means infections can happen just by browsing the morning headlines, visiting your online dating profile or watching a video.”

According to another Website, Hacked.com, the Yahoo sites were infected it with the Angler Exploit kit, “often considered the most sophisticated exploit kit available.” Hacker says it contains several pre-determined attacks that are designed to target zero-day vulnerabilities.” Malwarebytes says the first sign a consumer might recognize things are going badly is when the installed malware :”starts threatening [demands for] money for menaces, logging your bank details or any number of despicable scams.”

Yahoo gets high marks from the hacker sites for tackling the problem the moment it discovered it. The company issued a statement:  “Yahoo is committed to ensuring that both our advertisers and users have a safe and reliable experience. As soon as we learned of this issue, our team took action and will continue to investigate this issue.

“Unfortunately, disruptive ad behavior affects the entire tech industry. Yahoo has a long history of engagement on this issue and is committed to working with our peers to create a secure advertising experience. We’ll continue to ensure the quality and safety of our ads through our automated testing and through the SafeFrame working group, which seeks to protect consumers and publishers from the potential security risks inherent in the online ad ecosystem.”

Another tech site, Tom’sHardware.com , points to a culprit:  “The attack was possible due to Flash vulnerabilities in unpatched versions of Flash, perhaps even the same vulnerabilities that got Mozilla to block Flash by default in its browser for a few days until Adobe released the patch. Not all Flash users have updated to the latest version, though, which means they are still vulnerable to these highly dangerous security holes.” Its advice? At the very least, update your Flash, or just stop using.it.

pj@mediapost.com