Yahoo hasn't confirmed any official infection numbers
Yahoo has admitted that rogue ads served up by its ad servers in Europe infected computers with malware reports The Guardian. All the users had to do was visit the Yahoo home page in Europe to get the malware on their machines. Yahoo hasn’t officially said how many computers were infected.
The web giant has confirmed that malware ads were served by its ad servers. Yahoo said, "From December 31 to January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines – specifically, they spread malware."
The issue affected only European users. The malware served installed by the rogue ads also only targeted Windows machines, Mac users are unaffected. Yahoo said that it is continuing to block and monitor any advertisement that are being use for fraudulent activity.
The ads reportedly installed software that turned the target computers into Bitcoin miners. Some of the ads installed the ZeuS virus that tried to steal bank information. The attack took advantage of outdated Java software on target machines.
"The attack focused on outdated software," says Steve Regan of security site CSO. "The only way for the exploits to work is to have outdated versions of Java on your system. If Java is up to date, then the odds are, you're safe. However, I don't trust Java, so unless you absolutely need it, my advice is to uninstall it from your system. It seems like I see more zero-day attacks aimed at Java than anything else, the risk isn't worth it for me."
It's estimated that there were 27000 infections for each hour the ads were on the Yahoo site. That would mean 2 million computers were infected before the issue was discovered.