Hackers taking advantage of Yahoo Right Media spread Trojan

Yahoo's online advertising network Right Media has suddenly become an "ally" of hackers, helping them spread millions of banner ads infected with Trojan on a series of websites, including names like Photobucket and MySpace.

Some security vendors have identified and identified Trojans that are transplanted in Yahoo Right Media's banner ads as Trojan Downloader.VBS.Agent.n. Its goal is that PCs not yet installed with Microsoft Data Access Components security patches have been released by Microsoft in February.

Security firm ScanSafe said the 'malicious' banner ad started to appear via the Right Media network in early August. Within about three weeks it was distributed 12 million times and appeared on 70 different advertising servers intertwining legitimate ads.

If users access any of the websites containing the above 'malicious' banner ads, they will immediately be infected with a dangerous trojan. However, Trojans can only attack PCs that use Internet Explorer browser versions that have not been fully installed with the necessary patches.

The exact number of users who have been infected with the trojan is still not available.

Addressing this issue, Yahoo spokesman confirmed that the company had identified the dangerous advertising banner and quickly removed it. ' We cannot control what happens on the Internet. We will continue our efforts to develop security tools and are committed to finding the most effective solution to counteract this type of attack to protect users and advertisers . '

However, a Yahoo spokesperson declined to comment on a plan to prevent a future similar incident of Right Media. Representatives of MySpace and Photobuck have not yet made any official comments on the incident.

'Accidentally become a handler'

Right Media is currently one of the fastest growing online advertising networks on the Internet with more than 20,000 customers who are advertising agencies, providing content and providing network services. This is an advantage but also a deadly weakness for Right Media. It will be very difficult to distinguish in such a large number of customers who are legitimate advertisers and what hackers want to distribute malicious code.

Right Media also regularly downloads to check if the banner ads of customers are "malicious" or not. But hackers quickly found a way to overcome this test by programming a flash banner ad that never attacked Right Media's domain-related systems. In addition to that test, Right Media has no other security solution, hackers therefore carefree and distribute malicious code.

' No one conducts a check to classify which is a malicious banner ,' said Dan Nadir, ScanSafe's vice president of product strategy. ' This problem will continue to happen as long as we have an advertising issuer solution .'

The technique of spreading malicious code through ads that look perfectly legal is not a new idea, especially for MySpace users. In July 2006, an estimated 1 million users of the social networking site were infected with an extremely dangerous adware that was "implanted" on an ad on the site.

Analysts said that this form of attack spreading malicious code through advertising is extremely dangerous and has a very high success rate. It's okay if users access a malicious website infected with malicious code. They have access to legitimate websites and are infected with malicious code.

H.Trang