by Tyler Durden A few days ago it was revealed that numerous European users of Yahoo, as many as two million, had gotten infected with malware from virus-laden ads served by Yahoo's homepage during the period from December 31 to January 3.The company admitted as much when it revealed that "From December 31 to January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines – specifically, they spread malware."Users in North America, Asia Pacific and Latin America weren't affected, Yahoo said.Nor were users of Apple Macs or mobile devices."We will continue to monitor and block any advertisements being used for this activity," the company added."We will post more information for our users shortly."What was not clear is just what function the ad virus served.According to the Guardian, the purpose of the most prevalent virus spread by the website was to convert the infected computers into Bitcoin mining slaves.According to the Guardian, "some of the malware would turn PCs into bitcoin miners - a huge drain on its computing resources - without users' knowledge.

Yahoo has been criticised for not saying how many people could be affected or doing anything to help those with the malware, which attacked flaws in Java modules on systems."As a reminder, in "A trip through the Bitcoin mines" we showed just how extensive the capital requirements can be for any legitimate Bitcoin mining operation, where the distributed calculations used to extract new Bitcoins have now risen to a stunning 10 quadrillion per second.So what is an enterprising hacker in need of some quick cash, but unwilling to spend the CapEx for procuring the expensive equipment (especially when buybacks and dividends are so much more attractive, just kidding) to do?Why force others to do the mining for them.This is precisely what the creator of the Yahoo-hosted virus did.According to Light Cyber, a security research firm which warned Yahoo of the attacks in late December, one of the malware programs delivered in the attack turned the victim's computer into a bitcoin miner.The computer is set to work performing the calculations required to make the bitcoin network run, but the rewards for doing so accrue to the malware writer.

Fox IT, the Dutch cybersecurity firm which first disclosed the vulnerability to the public, estimated that there were around 27,000 infections every hour the malware was live on the site.If the malware was being served consistently for the three days, it may be the case that almost 2 million computers were infected.Bitcoin is so valuable to botnet owners, criminals who control large numbers of compromised computers, that one academic paper argues that the security of the network is permanently at risk.free bitcoin instant payoutPhilipp Güring and Ian Grigg argue that the currency violates Gresham's Law (pdf), an economic theorem that states that bad money drives out good.double your bitcoin torSince bitcoin mining is far more profitable done on stolen computers with stolen energy, they argue, it will soon be uneconomical to do it any other way.alexandria bitcoin

"The attack focused on outdated software," says Steve Regan of security site CSO."The only way for the exploits to work is to have outdated versions of Java on your system.If Java is up to date, then the odds are, you're safe.However, I don't trust Java, so unless you absolutely need it, my advice is to uninstall it from your system.It seems like I see more zero-day attacks aimed at Java than anything else, the risk isn't worth it for me."Zero-day attacks exploit previously unreported flaws in software to install malware or take over a computer.bitcoin transaction sender addressMining for Bitcoin was not the only infection.make a litecoin poolAs well as the bitcoin mining malware, other software installed includes ZeuS, which attempts to steal banking information; Andromeda, which turns the computer into part of a "botnet" for use by third parties, and "adjacking" malware which hijacks the user's browser to click on adverts, thus channeling income to corrupt site owners... Software such as ZeuS lets criminals install Cryptolocker, a dangerous new type of malware which first encrypts the user's files and then demands a ransom, payable in bitcoin, to decrypt them.bitcoin how to become a miner

In most versions of Cryptolocker, the ransom is set at two bitcoins, currently worth around $2,000.One can only hope that Yahoo, which hosted the ads willingly and apparently without filtering and pre-clearing the ad content, wasn't in on the scheme.To be sure, it has been slammed for keeping users in the dark.Yahoo has been criticised for not doing more to aid users infected by the faulty adverts.Dan Farber of technology site CNET says that: "At this point, Yahoo hasn't addressed any of the details, such as how the malware exploit got into its Web pages, how many users are impacted, and what victims of the attack should do.bitcoin hourly investmentThe company may still be gathering data."bitcoin hong kong miningAll in all, a rather ingenious wealth extraction scheme: either have others mine for Bitcoin, or demand a ransom if they want their computer back.bitcoin trend micro

We wonder how long until these activities are added to the definition of GDP in the New Normal economy?The best news, however, is that there are still at least two millions people who use Yahoo.You’re sitting at your computer when you get an email from your local bank saying you were just hit with a charge for a new $1,200 MacBook that you never bought.You click the email and follow the embedded link or download the included receipt to find out what’s up.Just like that, your computer has been infected with ransomware.You can’t access your files, and all you can see is a timer counting down the time until hackers delete your computer’s drive unless you pay them a fee in iTunes gift cards.All you can do is scratch your head and wonder what the hell just happened.Well, I’m here to explain that to you — and to help you fight back against ransomware criminals.The most important thing to remember is this: Never, ever pay the ransom.Let’s start with the basics.A particularly nefarious form of malware, ransomware is a piece of software criminals use to lock you out of your computer by encrypting its files and holding them for ransom for a specific dollar amount.If you don’t pay up, you can potentially say goodbye to your photos, tax documents, pay stubs, and any other documents you’ve saved throughout the years.This isn’t some idle threat, either.

If you don’t pay, your documents will disappear or simply stay locked up until you completely reformat your system.Ransomware programs sometimes require you to pay in Bitcoin, an anonymous currency that can’t be tracked.However, criminals have increasingly begun demanding payment in the form of iTunes or Amazon gift cards, since the average person doesn’t know how to use Bitcoin, according to Gary Davis, chief consumer security evangelist at Intel Security.The amount you have to pay to unlock your computer can vary, with some experts saying criminals will ask for up to $500.To be clear, ransomware doesn’t just target Windows PCs.The malware has been known to impact systems ranging from Android phones and tablets to Linux-based computers and Macs.According to Davis, ransomware was actually popular among cybercriminals over a decade ago.But it was far easier to catch the perpetrators back then since anonymous currency like Bitcoin didn’t exist yet.Bitcoin helped changed all that by making it nearly impossible to track criminals based on how victims pay them.There are multiple types of ransomware out there, according to Chester Wisniewski, a senior security advisor with the computer security company Sophos.

Each variation is tied to seven or eight criminal organizations.Those groups build the software and then sell it on the black market, where other criminals purchase it and then begin using it for their own gains.Ransomware doesn’t just pop up on your computer by magic.You actually have to download it.And while you could swear up and down that you’d never be tricked into downloading malware, cybercriminals get plenty of people to do just that.Here’s the thing: That email you opened to get ransomware on your computer in the first place was specifically written to get you to believe it was real.That’s because criminals use social engineering to craft their messages.For example, hackers can determine your location and send emails that look like they’re from companies based in your country.“Criminals are looking are looking up information about where you live, so you’ll click (emails),” Wisniewski explained to Yahoo Finance.“So if you’re in America, you’ll see something from Citi Bank, rather than Deutsche Bank, which is in Germany.”Cybercriminals can also target ransomware messages to the time of year.

So if it’s the holiday shopping season, criminals might send out messages supposedly from companies like the US Postal Service, FedEx or DHL.If it’s tax time, you could receive a message that says it’s from the IRS.Other ransomware messages might claim the FBI has targeted you for using illegal software or viewing child pornography on your computer.Then, the message will tell you to click a link to a site to pay a fine — only to lock up your computer after you click.It’s not just email, though.An attack known as a drive-by can get you if you simply visit certain websites.That’s because criminals have the ability to inject their malware into ads or links on poorly secured sites.When you go to such a site, you’ll download the ransomware.Just like that, you’re locked out of your computer.How to protect yourselfRansomware attacks vulnerabilities in outdated versions of software.So, believe it or not, the best way to protect yourself is to constantly update your operating system’s software and apps like Adobe Reader.

That means you should always click that little “update” notification on your desktop, phone, or tablet.Don’t put it off.Beyond that, you should always remember to back up your files.You can either do that by backing them up to a cloud service like Amazon Cloud, Google Drive or iCloud, or by backing up to an external drive.That said, you’ll want to be careful with how you back up your content.That’s because, according to Kaspersky Lab’s Ryan Naraine, some ransomware can infect your backups.Naraine warns against staying logged into your cloud service all the time, as some forms of malware can lock you out of even them.What’s more, if you’re backing up to an external hard drive, you’ll want to disconnect it from your PC when you’re finished, or the ransomware could lock that, as well.Naraine also says you should disconnect your computer from the internet if you see your system being actively encrypted.Doing so, he explains, could prevent all of your files that have yet to be encrypted from being locked.Above all, every expert I spoke with recommended installing some form of anti-virus software and some kind of web browser filtering.

With both types of software installed, your system up to date, and a backup available, you should be well-protected.Oh, and for the love of god, avoid downloading any suspicious files or visiting sketchy websites.What to do if you’re infectedEven if you follow all of the above steps, ransomware could still infect your computer or mobile device.If that’s the case, you have only a few options.The first and easiest choice is to delete your computer or mobile device and reinstall your operating system.You’ll lose everything, but you won’t have to pay some criminal who’s holding your files hostage.Some security software makers also sell programs that can decrypt your files.That said, by purchasing one, you’re betting that it will work on the ransomware on your computer, which isn’t always the case.On top of that, ransomware makers can update their malware to beat security software makers’ offerings.All of the experts agree that the average person should never pay the ransom — even if it means losing their files.