WW
WASC Web Hacking Incidents Database
Mon, Apr 25, 2011 3:38 PM
*Entry Title: *WHID 2011-88: Yahoo! PH Purple Hunt 2.0 Ad Compromised
*WHID ID: *2011-88
*Date Occurred: *April 24, 2011
*Attack Method: *Malvertising
*Application Weakness: *Improper Output Handling
*Outcome: *Planting of Malware
*Attacked Entity Field: *Search Engine
*Attacked Entity Geography: *USA
*Incident Description: *Earlier the other day, I was browsing through the
Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention.
Curious, I clicked the ad and found my browser downloading a suspicious file
named com.com.
*Mass Attack: *No
*Reference: *
http://blog.trendmicro.com/yahoo-ph-purple-hunt-2-0-ad-compromised/
*Attack Source Geography: *
*Entry Title: *WHID 2011-88: Yahoo! PH Purple Hunt 2.0 Ad Compromised
*WHID ID: *2011-88
*Date Occurred: *April 24, 2011
*Attack Method: *Malvertising
*Application Weakness: *Improper Output Handling
*Outcome: *Planting of Malware
*Attacked Entity Field: *Search Engine
*Attacked Entity Geography: *USA
*Incident Description: *Earlier the other day, I was browsing through the
Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention.
Curious, I clicked the ad and found my browser downloading a suspicious file
named com.com.
*Mass Attack: *No
*Reference: *
http://blog.trendmicro.com/yahoo-ph-purple-hunt-2-0-ad-compromised/
*Attack Source Geography: *
