Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security

September 16th, 2010, 08:10 GMT · By

Tucows Falls Victim to OpenX-Based Malvertizing Attack

SHARE:

Adjust text size:

Compromised Tucows ad server distributed malware
Enlarge picture
Tucows is the latest victim of hackers, who exploit a recent OpenX vulnerability to push malicious code onto legit websites in the form of advertisements.

Malvertizements are ads riddled with malicious code, which either exploit vulnerabilities in outdated software to install malware or promote rogue applications (scareware).

According to a recent report from Web security vendor Dasient, as much as 1.6 million malvertisements are served on a daily basis to Web users.

During the past week, a number of high profile websites including The Pirate Bay, AfterDawn or eSarcasm had their advertising operations compromised by hackers.

Researchers from ParetoLogic, report that software download website Tucows is the last addition to the list and was found serving a drive-by-download-type exploit from advertise.tucows.com.

The malicious code was being loaded from external domains registered to an address in Russia and was targeting the Microsoft Windows Help Center vulnerability patched earlier this year.

Successful exploitation led to a variant of the Bredolab trojan being installed on the victim's computer. This threat is known a distribution platform for rogue antivirus programs.

Andy Walker, Tucows General Manager, confirmed for ParetoLogic that the incident was the result of hackers compromising the OpenX server used by the company to deliver ads.

"We detected the intrusion, patched the vulnerability in OpenX and resolved the issue quickly," the company representative noted.

OpenX is a popular open source platform, which allows webmasters to sell and serve ads without the need of signing up for third-party hosted services like Google AdSense.

Two days ago the OpenX development team has released version 2.8.7 of the application in order to patch the vulnerability that enabled this and the previously mentioned attacks.

"It has been brought to our attention that there is a vulnerability in the 2.8 downloadable version of OpenX that can result in a server running the downloaded version of OpenX being compromised.

"To avoid this issue, we recommend that all users immediately upgrade their systems to 2.8.7," the developers write in a post on the project's official blog.


2,494 hits · 1 comment
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


OpenX Vulnerability Exploited to Compromise Multiple Ad Servers
The Pirate Bay Hit by Malvertizements
OpenX-Based Malvertising Attack Discovered
TweetMeme Hit by Malvertisement
Malvertizement Infects Gizmodo Visitors with Scareware

READER COMMENTS:


Comment #1 by: opensourcefan on 16 Sep 2010, 20:14 UTC reply to this comment

Openx - sorry guys, too little too late.

Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use