Popular ad-platform OpenX.org has been hacked. Users are warned not to download files hosted on OpenX.org server. According to reports, the openx-2.8.10.zip, tgz and bz2 all archives contains a backdoor. It can allow cyber criminals to execute arbitrary code on the impacted servers.
Worst thing is that the malicious files have been hosted on the server since November 2012. So many users have downloaded files in last seven months.
Researchers from Sucuri have also identified the backdoor. They reported that backdoor is added in a Javascript file of flowplayer. Path of the file is /plugins/deliveryLog /vastServeVideoPlayer /flowplayer/3.1.1/ flowplayer-3.1.1.min.js.
OpenX representatives confirmed to Heise researchers that they have removed the affected files. But there is no official announcement from the company on the issue. We are waiting for the official response.
This is not the first time when Opex.org has been hacked. last year in March 2012, it was hacked and served malware to users.
Update: OpenX has released the new version and patched the vulnerability.
“Recently we became aware of a security issue with OpenX Source v. 2.8.10 (the open source ad serving product) whereby the binary distribution of v. 2.8.10 was compromised, and two of the files were replaced with two new modified files that contained a remote code execution vulnerability,” Open X posted in blog.
“In response to this situation, we have released OpenX Source v. 2.8.11. OpenX Source v. 2.8.10 users should visit – http://forum.openx.org/index.php?showtopic=503521628 – for comprehensive instructions for remediation,” It added.
