Yahoo Mail Blocked by Browsers in Malvertising Chain Reaction
If you tried to access Yahoo mail today, chances are that you saw at least once the Safe Browsing dialog instead of your inbox, as one of the advertisers showing banners on Yahoo has started serving malicious content.
The malicious ads started showing up earlier this morning, when ad pusher eqads.com got blocked by Google Safe Browsing. A closer look into the incident revealed that the eqads.com site is redirecting to a number of malicious domains, including 11lalervo.info (registered yesterday) and skiajkax.sytes.net.
Both domains have been briefly available and served Java and PDF exploits via crimeware kits.
Since it is unknown for how long the advertiser has been compromised to load malicious contents from third-party websites, you should perform a 60-second QuickScan to see if you have been infected.
Malvertising is a term that defines adverts purchased through third-party publishers who are modified to serve malware rather than to display a banner. They have been common in recent years, as cyber-crooks try to attack visitors of extremely popular websites such as Yahoo. However, this is the first time that an ads publisher has been completely subverted and all traffic hijacked to malware.
We reached out to EQAds via Twitter to let them know about the issue, but received no acknowledgement. However, it appears that they are already working on the issue, as their website has defaulted to the Apache test page.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021