OpenX 2.8.10 backdoor
Description
The binary distribution of OpenX Source version 2.8.10 was compromised by attackers who replaced legitimate files with backdoored versions containing a remote code execution vulnerability. This supply chain attack affected all downloads of OpenX 2.8.10 from at least November 2012 through August 2013, meaning users who downloaded the software during this period unknowingly installed a compromised version with a built-in backdoor.
Remediation
Immediately upgrade to OpenX version 2.8.11 or later, which does not contain the backdoor. Before upgrading, conduct a thorough security audit of your server to identify any signs of compromise or unauthorized access that may have occurred while the backdoored version was installed. After upgrading, review server logs for suspicious activity, rotate all credentials and API keys associated with the OpenX installation, and consider performing a clean reinstallation from verified sources rather than an in-place upgrade if there is evidence of exploitation. Verify the integrity of downloaded files by checking official checksums before installation.