14 DAY TRIAL // The Popbitch celebrity gossip website was blacklisted by Google after hackers managed to compromise its ad server and push malware to users.
Yesterday people had trouble accessing popbitch.com, a popular UK-based celebrity gossip website, who's board is said to be frequented by music industry insiders.
This is because the domain was blacklisted in Google's Safe Browsing service, which is used by Google Search, as well the Firefox and Chrome browsers.
"Of the 103 pages we tested on the site over the past 90 days, 10 page(s) resulted in malicious software being downloaded and installed without user consent.
"Malicious software includes 1 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine," the corresponding Google Safe Browsing diagnostic page reads.
A Popbitch spokesperson has since confirmed that the website served malicious ads for a limited period of time after its ad server was compromised by hackers.
"We've got to the bottom of this problem and are just waiting for the all clear from Google," they told The Register.
"There is a vulnerability in Open Ads X, the ad server we were using. We've cut off open ads from Popbitch and are upgrading to OpenAds 2.8.7," they added.
Open Ads X refers to OpenX, a popular open source platform used by webmasters to sell advertising space directly without signing up to services like Google AdSense.
A recent OpenX vulnerability was used to compromise ad operations in a similar way on many high profile website.
Two days ago we reported about The Pirate Bay being blacklisted by Google for the same reason, while yesterday Tucows fell victim to the attacks too.
AfterDawn and eSarcasm also reported having their OpenX-based ad servers hacked into over the weekend, but the attackers did not use them to serve exploits like in the other cases.
Users are strongly encouraged to upgrade to OpenX 2.8.7, which was released three days ago and contains a fix for this issue.