Cracker Targets Ad Servers with IE Exploit

Falk eSolutions is an Ad Serving company who according to their website “is now the third-largest ad management solution worldwide, serving over 12 billion ad impressions per month”.

On 20/11/04 some clever cracker broke into one of their load balancing servers that handles ad deliveries and successfully loaded exploit code on servers serving ads on hundreds of clients’ Web sites. Users visiting Web sites that carried banner advertising delivered by Falk’s affected servers were periodically delivered a file which tried to execute an IE-Exploit function on the users’ computer.

Falk AdSolution clients include AtomShockwave, IDG, A&E Television Networks, MediaCom and Universal McCann.

European tech publisher The Register was the first to notice that banner ads served by Falk were launching exploit code to non-SP2 IE users. The Register advised readers ” If you may have visited The Register between 6am and 12.30pm GMT on Saturday, Nov 20 using any Windows platform bar XP SP2 we strongly advise you to check your machine with up to date anti-virus software, to install SP2 if you are running Windows XP, and to strongly consider running an alternative browser, at least until Microsoft deals with the issue.”