Hacked, BackDoor Injected in Code

OpenX hacked

Popular ad-platform has been hacked. Users are warned not to download files hosted on server. According to reports, the, tgz and bz2 all archives contains a backdoor. It can allow cyber criminals to execute arbitrary code on the impacted servers.

OpenX hacked

Worst thing is that the malicious files have been hosted on the server since November 2012. So many users have downloaded files in last seven months.

Researchers from Sucuri have also identified the backdoor. They reported that backdoor is added in a Javascript file of flowplayer. Path of the file is /plugins/deliveryLog /vastServeVideoPlayer /flowplayer/3.1.1/ flowplayer-3.1.1.min.js.

OpenX representatives confirmed to Heise researchers that they have removed the affected files. But there is no official announcement from the company on the issue. We are waiting for the official response.

This is not the first time when has been hacked. last year in March 2012, it was hacked and served malware to users.

Update: OpenX has released the new version and patched the vulnerability.

“Recently we became aware of a security issue with OpenX Source v. 2.8.10 (the open source ad serving product) whereby the binary distribution of v. 2.8.10 was compromised, and two of the files were replaced with two new modified files that contained a remote code execution vulnerability,” Open X posted in blog.

“In response to this situation, we have released OpenX Source v. 2.8.11. OpenX Source v. 2.8.10 users should visit – – for comprehensive instructions for remediation,” It added.

Share this article
Shareable URL
Prev Post

Facebook App for BlackBerry 10 Gets Facebook Chat

Next Post

Create Windows Phone Apps With MicroSoft’s New Windows Phone Web Tool

Leave a Reply
Read next
Subscribe to our newsletter
Get notified of the best deals on our WordPress themes.