Many Yahoo users in Europe had their computers infected in a massive c attack earlier this month.
Users who clicked on certain ads displayed on Yahoo’s ad network had malicious scripts installed under the cloak of iFrames, which allowed the malware to pass through without Java detecting it.
Dutch security firm Fox IT estimated that 27,000 computers were being infected every hour during the height of the attack, which lasted from December 31 to January 3 on European sites.
It seems that mobile and Mac users were spared; only Windows systems were infected.
Yahoo acted quickly to the attack, to its credit. “These advertisements were taken down on Friday, January 3," a spokesperson from Yahoo said. "Users in North America, Asia Pacific, and Latin America were not served these advertisements, and were not affected.”
The attack itself seemed financially motivated, as the script hijacked the resources of infected computers to mine Bitcoins.
A single computer with a CPU processor would be useless as a Bitcoin miner, but such an operation scaled up to 2 million PCs could do some real mining. However, that such attacks “will soon be a thing of the past,” as the blockchain’s hash difficulty will eventually move beyond the capacity of even a million CPUs.
The identities of the hackers are unknown at this point. Nevertheless, this isn’t the first time malware was used to get Bitcoins out of users’ machines, whether by coercion or secrecy.
New Jersey games company E-Sports Entertainment settled with customers in November over a clandestine mining operation that used customers’ machines.
And, of course, Cryptolocker simply ransoms users’ machines for 2 BTC.