Online advertising website, openx.org compromised, backdoor injected

Advertising platform, openX is accordingly serving backdoors that are injected in the openX download files. Softpedia reported, those file hosted on openx.org could allow cyber criminals to inject arbitrary code on impacted servers.

Those malicious files hid on the openx-2.8.10.zip, the tgz and the bz2 archives and appears to be there since November 2012.

In another investigation, it stated that the backdoor  is hidden inside the following file: /plugins/deliveryLog /vastServeVideoPlayer /flowplayer/3.1.1/ flowplayer-3.1.1.min.js.

Back in March 2012, the website is also compromised that then served malware to users.