Sign in / up

back to article Yahoo! website! ads! spaff! CryptoWall! ransomware! AGAIN!

Yahoo! has been used to spread ransomware to Windows PCs almost exactly a year after the previous big outbreak. Adverts served on the Yahoo! homepage as well as the Yahoo! News, Sports, Celebrity, Finance, and Games websites, quietly loaded a script that ultimately exploited holes in Adobe Flash to infect vulnerable systems, …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    "If there was a simple answer, whoever had it would be very rich."

    I take it from this that Adblock Plus are very rich.

    17 1 Reply
    1. Mark 85
      Reply Icon

      Unless the miscreants are paying Adblock to "allow" their ads....

      0 0 Reply
  2. jason 7

    Cryptoprevent

    Worth installing for those that just wander anywhere and insist on using leaky email setups.

    www.foolishit.com

    1 0 Reply
  3. Whitter
    Mushroom

    Can't fix it? Then stop it.

    "...such malware attacks are an all-too-common occurrence in the advertising space..."

    Some jobs are tough - that's why you get paid.

    Fix it or go home.

    9 1 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Can't fix it? Then stop it.

      Why don't you fix it and get rich then?

      0 6 Reply
      1. Anonymous Coward
        Reply Icon
        Stop

        Re: Can't fix it? Then stop it.

        Sites running ad's test back links (and monitor changes) before pushing out. Talking major sites, like Yahoo, that have the resources.

        Fixed.

        £100,000,000 please.

        13 0 Reply
        1. Doctor Syntax Silver badge
          Reply Icon

          Re: Can't fix it? Then stop it.

          Failing that, compensate the victims. If that were the norm I think Yahoo & the like would find it trivial to implement safeguards.

          9 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    Kill the ads and pay for services...

    ... at least money go to the good ones.

    2 0 Reply
  5. jason 7

    I joined a discussion on LinkedIn...

    ...a couple of months ago about "How Ad marketing on the Web is so fabulous!"

    Myself and a few other IT/Non marketing bods on there then went on to destroy the marketing folks with tales of dread and disaster and why we all used AdBlock and never saw their ads in the first place. Why web ads are poison and a security risk, never clicked on them etc. etc.

    The Ad folks were totally bemused and just kept saying "but why wouldn't you all want to see our massive, intrusive flash laden adverts on the web?"

    There is a disconnect...

    17 0 Reply
    1. Captain DaFt
      Reply Icon

      Re: I joined a discussion on LinkedIn...

      "The Ad folks were totally bemused and just kept saying "but why wouldn't you all want to see our massive, intrusive flash laden adverts on the web?"

      There is a disconnect..."

      Yes, you should've connected them to this link , and asked them to refrain from replying until they'd followed instructions.

      0 0 Reply
  6. eswan

    If there was a simple answer, whoever had it would be very rich.

    acl mimeblock rep_mime_type ^application/x-shockwave-flash$

    acl mimeblock rep_mime_type ^application/x-flv$

    acl mimeblock rep_mime_type ^video/x-flv$

    http_reply_access deny mimeblock

    Where's my money?

    2 0 Reply
  7. Anonymous Coward
    Anonymous Coward

    Disable?

    "Segura suggests that users either disable Flash or set the player on click-to-play mode so potentially harmful files are not loaded automatically."

    Nice try, but "REMOVE Flash" is the correct answer as Adobe Crash can be included in various document formats. (https://grahamcluley.com/2015/07/disabling-flash/). Sorry, the nice parting gifts ent to a different contestant who actually had a clue.

    3 0 Reply
  8. NanoMeter

    A combination of Cryptoprevent and an adblocker would prevent something like this from happening.

    Coincidentally, that's what I got.

    0 0 Reply
  9. Fihart

    False alarms ?

    Don't know about Yahoo, but ads on The Register site were triggering alarms from Avast yesterday.

    0 0 Reply
    1. jason 7
      Reply Icon

      Re: False alarms ?

      This is it, no point white-listing fave sites as safe ads today may well be infected ads tomorrow.

      Just isn't worth the risk. Blanket ban on all sites is the only way forward.

      4 0 Reply
  10. Dan Paul

    As mentioned elsewhere...

    the companies serving these infected ad's are criminally negligent when they don't fix the problem after being made aware of it.

    1 0 Reply
  11. Dan 55 Silver badge
    Flame

    This is the same Yahoo which make you sign up with your mobile number

    Yeah, we can trust 'em not to fuck that one up too.

    1 0 Reply
  12. Kilroy2k1

    "If there was a simple answer, whoever had it would be very rich."

    Simple. Ban all ads.

    The global govt's use the web to spy and track us so they can pay the site owners and service providers to keep people online. adverts are unnecessary.

    Who do I see about my pay?

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like