Has OpenX's open source ad server been hacked to death? After a serious attack on Saturday, OpenX abruptly pulled the plug on the OnRamp product yesterday, leaving customers scrambling to find new ad servers and reconstruct insertion orders.
OpenX announced the shutdown this morning in a retroactive forum post, and offered little comfort to existing customers regarding when OnRamp may be up and running again. Indeed, the post all but tells site owners to look elsewhere for their ad serving needs. "At this time, we cannot predict when, or whether, the OnRamp system will be operational again," it says.
In recent months OpenX has been called out for escalating malware activity through the self-serve OnRamp product. (It still operates an enterprise grade ad server.) A January story in ITWorld criticized the company for ill-considered approaches to monetization of OnRamp partner inventory through the OpenX Market ad exchange. That piece describes how malware has been easily spread through a vulnerability known as an "append" attack, where hackers using the OpenX Market plugin can inject malicious code into OnRamp customers' ad space through an append/prepend database column.
Many OpenX customers expressed surprise on Twitter about the suddenness of the move. Rival ad server Adzerk said new customers were signing up yesterday at more than three times the normal rate. CEO James Avery said these customers are upset they can't extract their data, creative, or campaign details from the OnRamp systems. To cope, many have been forced to dig through through email to locate insertion orders and reconstruct campaigns.
While ad serving products can be shut down – for instance due to acquisition – such events typically happen with at least a 30 or 60-day notification to customers.
Here's the ful text of OpenX's forum post:
"OpenX’s security team is committed to the security of our services. OpenX OnRamp is a no-cost SaaS service based on our open source ad serving product (unlike our other enterprise grade offerings which run on a separate code base), which we have run as a free service to the community.
OnRamp has been the subject of escalating hacker activity in recent months, culminating in a serious attack that occurred Saturday, February 9, 2013. We have made the difficult decision to suspend the OnRamp service to protect our customers as we investigate the breach further and assess the ability of the OnRamp service to withstand future threats. At this time, we cannot predict when, or whether, the OnRamp system will be operational again.
We will post additional information in this forum as it is available. We sincerely apologize for any inconvenience caused. Other OpenX services, including OpenX Enterprise and OpenX Market, continue to operate normally."
Email This Post