[here's a good reason to block adservers! They are targets for
crackers... note ... these Falk guys are losers. I have seen their
URLs in spyware I have cleaned from customer systems. I would never
have their ads on MY sites in the first place. Their adserver is
listed in the HOSTS file I sent around last week. - Stu]
By Falk eSolutions
Published Monday 22nd November 2004 10:04 GMT
Site notice: On Saturday, The Register suspended service by third
party ad serving supplier, Falk, following security issues detailed
here.
Falk fixed the problem within six hours of notification. Here is its
summary of what went wrong:
Saturday, 20th November 2004

Falk eSolutions clients using AdSolution
Global experienced problems with banner delivery between 6.10pm and
12.30pm GMT. This started on Saturday morning with a hacker attack on
one of our load balancers. This attack made use of a weak point on
this specific type of load balancer. The function of a load balancer
is to evenly distribute requests to the multiple servers behind it.
The system concerned was only used to handle a specific request type
to our ad server and has now been investigated.
The use of a weak point in one of our load balancers led to user
requests not being passed to the ad servers. Instead the user
requests were answered with a 302 redirect to a compromised website.
This happened with approximately every 30th request. Users visiting
websites that carry banner advertising delivered by our system were
periodically delivered a file from the compromised site. This file
tries to execute the IE-Exploit function on the users' computer.
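
An added example, not from the article or from Falk: one way a site operator could spot the pattern described above, where an ad host intermittently answers with a 302 to a host outside its expected domains. The log format, the host names (`ads.example.net`, `cdn.example.org`, `compromised.invalid`) and the sample lines are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed proxy-log format (an assumption, not from the article):
#   <client> <request-url> <status> <location-or-dash>
AD_HOST = "ads.example.net"                      # placeholder ad server
ALLOWED = ("example.net", "cdn.example.org")     # expected redirect targets


def host_allowed(host, allowed=ALLOWED):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)


def scan(lines, ad_host=AD_HOST, allowed=ALLOWED):
    """Return (ad_requests, suspicious); suspicious = off-domain 3xx answers."""
    total, suspicious = 0, []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue                              # skip malformed lines
        client, url, status, location = parts
        if urlsplit(url).hostname != ad_host:
            continue                              # not ad traffic
        total += 1
        if status in ("301", "302", "303", "307") and location != "-":
            target = urlsplit(location).hostname
            # A relative Location (no hostname) stays on the ad host.
            if target and not host_allowed(target, allowed):
                suspicious.append((client, url, target))
    return total, suspicious


def sample_log(n=90, every=30):
    """Constructed sample: every `every`-th ad request is redirected away."""
    out = []
    for i in range(1, n + 1):
        url = f"http://{AD_HOST}/banner?id={i}"
        if i % every == 0:
            out.append(f"10.0.0.{i} {url} 302 http://compromised.invalid/f")
        elif i % 7 == 0:                          # legitimate CDN redirect
            out.append(f"10.0.0.{i} {url} 302 http://img.cdn.example.org/b{i}.gif")
        else:
            out.append(f"10.0.0.{i} {url} 200 -")
    out.append("10.0.0.9 http://www.example.com/ 200 -")  # non-ad traffic
    return out


if __name__ == "__main__":
    total, hits = scan(sample_log())
    print(f"{len(hits)} of {total} ad requests redirected off-domain")
```

Because only about one request in thirty was affected, a single manual fetch of the ad URL would usually look clean; the check has to run over a volume of logged responses.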
---
* Origin: [adminz] tech, security, support (192:168/0.2)