serving malware?

We are tracking a few sites that are currently blacklisted and showing a warning from Google that (home of a popular open source ad server) is the site responsible for the infection:

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including

By looking at the diagnostic page for itself, it shows:

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, appeared to function as an intermediary for the infection of 82 site(s) including,,

We are still tracking to see which ads are causing the issue, or if the openx servers themselves are compromised. If you include the tracking code from, we recommend that you check to see if there isn’t any malicious code being pushed to your users.

About David Dede

David Dede is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Share This