Yahoo! pimping malware from banner ads

The Register ^ | Monday 28th April 2008 20:41 GMT | Dan Goodin

[snarkpup]

Over the past three days, Yahoo has been exposing visitors to banner ads that try to trick them into installing malware, and there's no indication anyone at the company is even aware of the problem.

According to Microsoft MVP Sandi Hardmeier's "Spyware Sucks" blog, the ads are displayed across a wide swath of the web portal's sprawling empire, including Yahoo Mail, Yahoo Groups and Yahoo Astrology. Hardmeier first sounded the alarm on Saturday, and yet on Monday, Yahoo continued to run the rogue ads, she reported. El Reg emailed three different Yahoo PR reps but never did get a response.

[goldstategop]

It can't install on Vista, Linux or MacOSX. So I wouldn't worry about it. If Yahoo's practice doesn't change, users should add it to their Internet Explorer Restricted Zone list so malware can't do a silent download and install without users' permission.

"Show me just what Mohammed brought that was new, and there you will find things only evil and inhuman, such as his command to spread by the sword the faith he preached." - Manuel II Palelologus

[goldstategop]

The NOScript extension on Firefox should allow one to make sure dangerous scripts don't run on Yahoo.

"Show me just what Mohammed brought that was new, and there you will find things only evil and inhuman, such as his command to spread by the sword the faith he preached." - Manuel II Palelologus

[snarkpup]

The NOScript extension on Firefox should allow one to make sure dangerous scripts don't run on Yahoo.

That's what the author says in this article; but in a related earlier article ("Thousands snared by malware warning from big-name websites"), he says this is not totally secure:

As is so frequently the case, those using the NoScript extension for the Firefox browser are afforded some level of protection against the ads, but not always. The ads are frequently served up by the same server hosting the trusted content. Users who allow the site to run javascript so, for example, it can provide local weather forecasts, will not be protected, Jackson said.

This is why I never enable scripting at all unless absolutely necessary.

[goldstategop]

Scripting is necessary to run IMs and some trusted content. Of course if its not a trusted site, never allow scripting to run on that site. That's a good balance between letting content run on safe sites and blocking it on high risk sites on the Internet.

"Show me just what Mohammed brought that was new, and there you will find things only evil and inhuman, such as his command to spread by the sword the faith he preached." - Manuel II Palelologus

[ShadowAce]

[shorty_harris]

I use firefox with noscript, adblock plus, and adblock plus element hider add-ons. I don’t see any ads, not even text based ads.

[KosmicKitty]

RBN - the Russian Business Network at it again