Yahoo serves up New Year malware to European customers
Malicious adverts infect users’ computers.


Yahoo has confirmed a number of ads on its European sites were serving malware to visitors for three days over the New Year period.
The issue was first noted by Dutch IT security company Fox-IT, which said in a blog post it had detected and investigated infections suffered by clients who had visited yahoo.com.
According to the organisation, those who clicked on the ads were redirected to a Magnitude exploit kit, which can install various different malware including ZeuS, Andromeda and Necurs.
The malicious ads first appeared on 31 December until 3 January, after Yahoo removed them.
A Yahoo spokesperson told IT Pro: "At Yahoo, we take the safety and privacy of our users seriously. From December 31 to January 3 on our European sites we served some advertisements that...spread malware. Users in North America, Asia Pacific and Latin America...were not affected. Additionally, users using Macs and mobile devices were not affected."
The company said it is continuing to monitor the adverts appearing on its sites for any other suspicious activity.
Further information for users will also be posted shortly, the spokesperson said.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives

Jane McCallion is Managing Editor of ITPro and ChannelPro, specializing in data centers, enterprise IT infrastructure, and cybersecurity. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.
-
What is polymorphic malware?
Explainer Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses
-
Outgoing Kaseya CEO teases "this is just the beginning" for the company
Opinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
The worst hacks of all time
In-depth Yahoo, LinkedIn, Facebook, here is a quick guide to some of the biggest data breaches in history
-
New Adload malware bypasses Apple’s XProtect to infect macOS devices
News Old malware retooled to evade Apple defenses
-
Common malware slipped past the macOS notarization process twice
News Apple immediately revoked the notarization, but the adware slipped through again
-
Researchers blast Swedish developer WakeNet AB for ‘deceptively’ spreading adware
News Bad actors are using tools like 'embed movie' to coax victims into installing software that house adware
-
Zacinlo malware threatens Windows 10 PCs' security
News Malware takes screenshots of users' desktops, and has been operating silently for six years
-
Yahoo handed £250,000 fine over 2014 data breach
News ICO punishes Yahoo's UK arm for failing to protect 515,000 Brits
-
Canadian pleads guilty to Yahoo hack
News Karim Baratov was paid by Russian security agents to break into Yahoo accounts in 2014
-
Russia denies it's responsible for Yahoo hack
News The Kremlin said there's "absolutely no question of any official involvement by any Russian agency"