Yahoo ad malware attack far greater than anticipated

Hack alert: Change your Yahoo Mail password right now

The malware attack that took advantage of Yahoo’s Java-based ad network around Christmas Eve was far greater than anticipated, the company confirmed in a post (via CNET) on its help web pages. Initially believed to have affected only European users on January 3, 2014, the malware ad attacks were then said to have occurred during December 31, 2013 – January 3, 2014. But Yahoo on Friday revealed the attack actually took place between December 27, 2013 – January 3, 2014, and affected users outside of the European Union as well.

It’s not clear how many users may have been affected by the hack, although initial estimates from security companies said that up to 2 million machines might have been compromised during a four-day attack. Yahoo says that the attack happened after an account was compromised, without revealing more details about said account. However, the company says the account has been shut down, and it’s currently investigating the incident with help from law enforcement.

Yahoo isn’t offering specific help resources to users that “think” they may have been affected by the hack. Instead, it’s offering standard tips to Windows users, advising them to make sure that the latest Windows patches are installed, update to the latest version of Java and Adobe, and use an antivirus program that’s updated regularly. Apparently, only Windows users have been targeted by the ad hack.

According to previous reports, users that visited Yahoo sites including Yahoo Mail and Yahoo IM may have been served with malware ads that could have installed malicious code on their PCs for different purposes. Some of the programs installed turned those machines into Bitcoin miners, while others could have been used to steal personal information.

More from BGR: Google just made it so strangers can email your Gmail account – here’s how to stop them

This article was originally published on

Related stories

Yahoo ad malware hijacked computers for Bitcoin mining

Mayer on mail issues: Yahoo 'really let you down this week'

Yahoo struggles to properly acknowledge, fix ongoing Yahoo Mail service issues