Malware seems to be attacking our computers from every direction these days, but we still tend to take the security of the world’s most trafficked websites as a given. As it turns out, that could be a huge mistake.
According to online security firm Fox IT, hundreds of thousands of visitors to the massive network of Yahoo websites on or around January 3 were served ads that redirected their browsers to websites containing malware. Once on a computer, the malware exploits security holes in the JAVA framework that’s installed on the PC.
While users in three European countries (Great Britain, France and Romania) appear to have been hit the hardest, I recommend immediately scanning your computer’s hard drive for malware if you visited a Yahoo property any time after Christmas AND clicked on an ad while you were there. You’ll find step-by-step instructions for removing malware from your computer right here.
On a related note, about a year ago I wrote a post recommending that everyone remove JAVA from their computers due to its inherent insecurity. This latest exploit is yet another example of why that’s so important. While a few websites still use code written in JAVA, most abandoned it long ago.
Bottom line: If your favorite website still uses JAVA, you might want to strongly consider finding an alternative.