On Friday, Fox-IT, a Delft, Netherlands-based computer security firm, wrote in a blog that attackers had inserted malicious ads served by ads.yahoo.com.
In statement on Sunday, a Yahoo spokesman, said: "On Friday, January 3 on our European sites, we served some advertisements that did not meet our editorial guidelines, specifically they spread malware." Yahoo said it promptly removed the bad ads, and that users of Maccomputers and mobile devices were not affected.
Malware is software used to disrupt a computer's operations, gather sensitive information, or gain access to private computer systems.
Fox-IT estimated that on Friday, the malware was being delivered to approximately 300,000 users per hour, leading to about 27,000 infections per hour. The countries with the most affected users were Romania, Britain, and France.
"It is unclear which specific group is behind this attack, but the attackers are clearly financially motivated and seem to offer services to other actors," Fox-IT wrote in the January 3 blog post.
(Reporting by Phil Wahba in New York; Editing by Eric Walsh)