European Yahoo Sites Infect Scores of PCs With Bitcoin Mining Malware

Here’s a flub of epic proportions. Yahoo! has confirmed a malware attack affecting visitors of their European web properties from the 31st of December through the 3rd of January. The attacked happened via the advertisements the sites were displaying. They were embedded with malware, spreading like plague from where they were displayed to the end user’s machine (Mac computers and mobile devices excluded).

From December 31 to January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines – specifically, they spread malware.

It is approximated by FOX IT, a Dutch security company, that the malware-holding advertisements spread to 27,000 machines per hour during the times they were displayed, potentially infecting well over 1.5 million machines.

Here’s where it gets interesting: it is being reported (see CoinDesk) that the malware, or at least some of it, was used to mine bitcoin for cyber criminals. And while one, two, or even ten average computers wouldn’t really be capable of mining much, the story is entirely different when you get to the hundreds of thousands to millions of machines — all running mining software covertly and in concert.

Yahoo is obviously no longer running the advertisements, but if you’ve been to their European sites during the above-noted dates, you ought to run an anti-malware scan as soon as possible.