Yahoo found serving Java malware-spreading ads

Malicious ads served through Yahoo's ad network delivered malware to thousands of site visitors, according to researchers at Fox-IT, but Yahoo subsequently blocked the attack. Fox-IT's post said that visitors who saw the ads in their browsers were redirected to a "Magnitude" exploit kit. "This exploit kit exploits vulnerabilities in Java and installs a host of different malware," Fox-IT said, including ZeuS, Andromeda, Dorkbot/Ngrbot, ad-clicking malware, Tinba/Zusy and Necurs. The security company's investigation dated the start of the infection to December 30 but it said it might have begun earlier. Yahoo confirmed the infection and said it had taken action to remove it. <more>