Feeds

Register restores ad service

Some rough figures

  • alert
  • submit to reddit

Site Notice On Saturday, The Register suspended service by third party ad serving supplier, Falk, following security issues detailed here.

Today we have restored the service, after satisfying ourselves that this problem is fixed. Falk's statement on what went wrong is here.

Our thanks for all your emails. We appreciate the kind words and note the performance issues that many of you raise. We will be seeking to address this in coming weeks.

At a rough guess, the number of Reg readers exposed to the Bofra /IFrame exploit was in the low hundreds. We have no means of estimating how many of these were protected by firewalls or anti-virus software protection.

During the period Falk's service was compromised - between 6.10am and 12.30pm on Saturday, 11660 unique individuals using Windows and IE6 visited The Register. We haven't drilled down the different flavours of Windows, but we assume that the majority were not on Windows XP SP2 boxes. Reader with Windows XP SP2 are protected from the Bofra /IFrame exploit, along with the rest of the non-Windows world. On average readers looked at three pages a pop. So that's around 35,000 pages in which the rogue ad could have been served. According to Falk, one in 30 requests for a banner ad were redirects to the site containing the bofra worm. If this is correct around 1,170 rogue ads were served on our site.

We apologise again for exposing readers to this. We also urge readers using IE on Windows to switch browsers, at least until the iFrame exploit is patched properly.

Here is advice from McAfee on removing the Bofra worm. ®

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.