
CryptoWall! crooks! 'turn! to! Yahoo! ads! to! spread! ransomware!'


Purple Palace not directly involved but maybe it should chat to these infosec bods

By John Leyden,


Crooks are using Yahoo!'s advertising network to infect PCs with the CryptoWall ransomware, it's claimed.

Windows software nasty CryptoWall encrypts a victim's files using an OpenSSL-generated key pair before demanding a ransom to decrypt the data. It communicates with its masters using RC4-encrypted messages to command servers hidden in the Tor network, we're told.


It was initially spread by spamming email inboxes with "incoming fax" scans or links to files held in cloud storage that were booby-trapped with malicious code.

The malware then evolved to use poisoned web advertisements – or malvertising – to spread across the internet.

Typically, when someone clicks on an ad, the site displaying the advert, and the advertising network serving it, take a small fee for referring the visitor to the advertiser's website. It appears CryptoWall victims are lured into clicking on adverts, which refer the browser along a chain of websites until it reaches a server that exploits a vulnerability to infect the computer.


Full Article

Microsoft® Windows Insider MVP - Windows Security

Community Leader

Re: CryptoWall! crooks! 'turn! to! Yahoo! ads! to! spread! ransomware!'

Pretty soon it's not going to be safe to go on Facebook. Hackers are really focusing on this social media and we're getting bit.
