According to the latest research from Virus Bulletin (VB), the volume of spam sent from compromised accounts in the Yahoo! system has experienced a boost lately which VB believes is an issue with Yahoo!, rather than the users system.
The spam messages are very difficult to filter, as senders are legitimate and typically communicate with the recipient on a regular basis. In addition, these messages include more than a link to a URL, which is hosted on a compromised website that is legitimate.
Problems occur when users open the link in a browser, which redirects them to a website that advertises healthcare products. But when the link is opened on an Android device, it immediately downloads a virus, similar to the “NotCompatible” trojan.
Virus Bulletin said that the problem appears to come from Yahoo! as the amount of spam from its accounts largely exceeds the spam messages sent from other email providers. In addition, VB reportedly discovered that Yahoo! accounts that have not been used in a long period of time have been attacked as part of the spam campaign.
In the past few months, Yahoo! Mail is said to have been widely criticised by the security community, firstly because it does not offer its users HTTPs by default and also because email addresses that have not been used for over a year are not opened for registration again. VB said it has reason to believe that Yahoo! must be aware of these issues, but a solution seems to be difficult to find since the company has not resolved it yet.