More NewsAd Serving Firm Delivers Virus

Ad Serving Firm Delivers Virus

Falk AG became an agent of the Bofra virus on Saturday, delivering the exploit to users whose browsers requested ads from its customers' sites.

Ad management firm Falk AG briefly became an agent of the Bofra virus on Saturday, delivering the Internet Explorer exploit to users whose browsers requested ads from its customers’ sites. The incident occurred between 12:10 a.m. and 6:30 a.m. Eastern Standard Time.

“On Saturday a virus was found on the Falk network which was inadvertently redistributed to a small number of users,” the company said in a statement.

Falk estimated two percent of its users received the virus, which it removed shortly after detection. Bofra originated on the company’s European network, but the statement did not address whether it had spread to publisher clients in other regions.

Falk’s publisher clients include Sony Pictures Digital, NBC Universal, Interep Interactive, AtomShockwave, The Golf Channel and The Register.

The Register, a tech-focused Web site, issued an alert to its readers on Sunday following the incident. The publisher urged users who visited in that window to update their virus software, and said it had suspended its patronage of Falk pending a deeper explanation of the incident. As of Monday morning, the publisher did not appear to be serving ads.

The Register also published a statement it received from Falk that differed from the one the ad serving company issued to the media. In it, Falk said the virus entered its network through a hacker attack on one of its load balancers. A load balancer is software that handles even distribution of ads to all servers.

“The use of a weak point in one of our load balancers led to user requests not being passed to the ad servers,” that statement said. “Instead the user requests were answered with a 302 redirect to a compromised website. This happened with approximately every 30th request. Users visiting websites that carry banner advertising delivered by our system were periodically delivered a file from the compromised site. This file tries to execute the IE-Exploit function on the users’ computer.”

Falk promised another statement would be released today, more fully explaining the incident.

Interactive marketing blog MarketingVOX first spotted The Register‘s statement and reported the incident.

Related Articles

GDPR: The role of technology in data compliance

Data & Analytics GDPR: The role of technology in data compliance

3w Clark Boyd
What companies can learn from the We-Vibe lawsuit about the Internet of Things

Legal & Regulatory What companies can learn from the We-Vibe lawsuit about the Internet of Things

8m Al Roberts
Has advertising arrived on Google Home?

Media Has advertising arrived on Google Home?

8m Al Roberts
Is Twitter slowly dying?

More News Is Twitter slowly dying?

9m Al Roberts
FedEx launches fulfillment service to take on Amazon

Ecommerce FedEx launches fulfillment service to take on Amazon

9m Al Roberts
Target is the top retail digital marketer, so why is it struggling?

Ecommerce Target is the top retail digital marketer, so why is it struggling?

8m Al Roberts
YouTube is "on pace to eclipse TV" thanks to savvy algorithm use

More News YouTube is "on pace to eclipse TV" thanks to savvy algorithm use

9m Al Roberts
YouTube is getting rid of 30-second unskippable pre-roll ads

Ad Industry Metrics YouTube is getting rid of 30-second unskippable pre-roll ads

9m Al Roberts