Malware From Yahoo! Ads Mined Bitcoins

Malware that spread via compromised Yahoo! homepage ads contained code used to mine bitcoins on target computers.

Malware From Yahoo! Ads Mined Bitcoins
The Verge / Casascius

Yahoo! served up malware-laden ads on its homepage for four days earlier this month.

The attacks affected European users, and a new report in The Guardian confirms at least some of the malware in question was used to mine bitcoins.

The malware targeted a vulnerability in Java, according to the report. SiliconAngle explains it hijacked computers to perform the resource-intensive calculations required to collect the digital currency.

"Not that the victims will see a penny of this fortune of course – enslaved computers suffer from a massive drain in resources, yet all of the profits go directly into the wallet of the malware owner."

A writer for Techdirt says: count your blessings.

"As 'malware' goes, this is actually a lot less damaging than some other stuff out there (keyloggers designed to steal bank info, for example). It likely would bump up electricity bills slightly for some users."

But malware that steals processing power and electricity does make sense, according to digital currency analysis group Coindesk.

"The only way to make any cash on PC bitcoin mining is if you don't have to buy the hardware or electricity. At this point a network of average PCs will waste more energy generating bitcoins than the bitcoins are worth."

During Yahoo!'s malware attack, security firm Fox-IT reported a rate of around 27,000 infections per hour, which could have resulted in nearly 2 million total infections.

In a statement following the attacks, Yahoo! said it would "continue to monitor and block any advertisements being used for this activity." (Via InformationWeek)

And in this case, users can get proactive in keeping their systems safe.

Security experts tell The Guardian Java is vulnerable to a wide range of attacks and recommend users get rid of the software if they don't have a need for it.