Hackers exploited flaws in open-source advertising software

Source: csoonline

Hackers have exploited flaws in a popular open-source advertising software to place malicious code on advertisements on several popular Web sites over the past week.
The attackers are taking advantage of a pair of bugs in the OpenX advertising software to log in to advertising servers and then place malicious code on ads being served on the sites. On Monday, cartoon syndicator King Features said that it had been hacked last week because of the OpenX bugs. The company's Comics Kingdom product, which delivers comics and ads to about 50 Web sites, was affected.
After being notified of the problem Thursday morning, King Features determined that "through a security exploit in the ad server application, hackers had injected a malicious code into our ad database," the company said in a note posted to its Web site. King Features said that the malicious code used a new, unpatched Adobe attack to install malicious software on victims' computers, but that could not immediately be verified.
Web-based attacks are a favorite way for cyber-criminals to install their malicious software, and this latest round of hacks shows how ad server networks can become useful conduits for attack. In September, scammers placed malicious software on The New York Times' Web site by posing as legitimate ad buyers.
Attackers used one attack to get login rights to his server, and then uploaded a maliciously encoded image that contained a PHP script hidden inside it, he said. By viewing the image, attackers forced the script to execute on the server. It then attached a snippet of HTML code to every ad on the server. Known as an iFrame, this invisible HTML object then redirected visitors to a Web site in China that downloaded the Adobe attack code.

Security experts say that the Adobe flaw has not been widely used in online attacks, even though it has been publicly disclosed. On Monday, Symantec said it had received fewer than 100 reports of the attack.
That may be because many people are still running older versions of Reader that are vulnerable to other attacks. Adobe has been a favorite target of attackers since a similar bug emerged last February. Adobe patched the issue in March, but users can avoid this attack and the current Adobe issue by simply disabling JavaScript within their Reader software.
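A defender-side check for the two artifacts described above, an uploaded image that carries a PHP script and an invisible iFrame appended to ad markup, given here as an added example that is not code from the original article or from OpenX. The function names, the dictionary inputs and the sample data are assumptions; reading banners and uploaded files out of a particular ad server is left to the operator.

```python
import re
from html.parser import HTMLParser

# "<?php" only: a bare "<?" also matches the "<?xpacket" XMP metadata found in clean images.
PHP_TAG = re.compile(rb"<\?php", re.IGNORECASE)
IMAGE_MAGIC = (b"GIF87a", b"GIF89a", b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n")
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.IGNORECASE)

def image_hides_php(data: bytes) -> bool:
    """True when a file has an image header but also carries a PHP open tag."""
    return data.startswith(IMAGE_MAGIC) and PHP_TAG.search(data) is not None

class _IframeFinder(HTMLParser):
    """Collects the src of every iframe that is styled or sized to be invisible."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "").strip() for k, v in attrs}
        tiny = a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
        if tiny or HIDDEN_STYLE.search(a.get("style", "")):
            self.hits.append(a.get("src", ""))

def hidden_iframes(markup: str) -> list:
    finder = _IframeFinder()
    finder.feed(markup)
    finder.close()
    return finder.hits

def audit(banners: dict, uploads: dict) -> dict:
    """banners: id -> ad HTML; uploads: filename -> raw bytes (both hypothetical inputs)."""
    flagged = {bid: hidden_iframes(html) for bid, html in banners.items()}
    return {
        "banners": {bid: srcs for bid, srcs in flagged.items() if srcs},
        "uploads": sorted(n for n, d in uploads.items() if image_hides_php(d)),
    }

# Constructed sample data, not taken from any real ad server.
SAMPLE_BANNERS = {
    1: '<a href="https://ads.example/c?id=1"><img src="https://ads.example/b1.gif"></a>',
    2: '<a href="https://ads.example/c?id=2"><img src="https://ads.example/b2.gif"></a>'
       '<iframe src="http://redirect.example/x" width="1" height="1"></iframe>',
}
SAMPLE_UPLOADS = {
    "logo.gif": b"GIF89a\x01\x00\x01\x00\x80\x00\x00\xff\xff\xff\x00\x00\x00;",
    "banner.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 8 + b"<?php /* marker */ ?>\xff\xd9",
}
```

A hit on either check is a reason to review the banner or file by hand; legitimate ads can also use small iframes, so the output is a triage list rather than a verdict.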
DBAPPSecurity Inc, 2006-2010 www.dbappsecurity.com