Some users of OpenX are still reeling and recovering from hacker attacks just last Sept. 2010, when an OpenX banner page hack placed a malicious JavaScript or Iframe into the banner page produced by an OpenX ad server.
This was often accomplished with a plugin and in some other cases the malicious code itself was injected into the OpenX database. Hackers have inserted backdoor scripts, which allow the hacker to obtain remote access to the hacked ad server. In some cases hackers added additional user accounts to the ad server. This was able to infect ad servers running up to version 2.8.6 (check what version you are currently running). OpenX has announced that they patched an undisclosed vulnerability in version 2.8.7, they also have a post with advice on cleaning up after a hack that took advantage of this. A previous hack infected ad servers last December, 2009 and was patched in version 2.8.3
And now from Sucuri.net, a blog that does research and tracks website hacking and blacklisting, came this post on Jan. 7th, 2011:
I was considering using this script, but am a bit leary of doing so now. Even being "hardened" with all the security Wordpress script upgrades, this one worries me. Anyone here have any experience with dealing with the OpenX issues?We are tracking a few sites that are currently blacklisted and showing a warning from Google that openx.org (home of a popular open source ad server) is the site responsible for the infection: 2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including openx.org/.
By looking at the diagnostic page for openx.org itself, it shows:Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, openx.org appeared to function as an intermediary for the infection of 82 site(s) including solovenezolanas.com/, thelocal.de/, drtuber.com/.
We are still tracking to see which ads are causing the issue, or if the openx servers themselves are compromised. If you include the tracking code from openx.org, we recommend that you check to see if there isn’t any malicious code being pushed to your users.


 
			
			 
					
					
					
						 Reply With Quote
  Reply With Quote
 Originally Posted by nicedreams
 Originally Posted by nicedreams
					

Bookmarks