Publishers and advertisers who used OpenX’s free, open-source OnRamp service are left scrambling to find alternatives after hackers infected the ad server with malware over the weekend and forced the company to permanently shut it down today.
Users were first notified of the issue in a message posted on the OpenX help forum at 7:46 a.m. ET yesterday.
“OnRamp has been the subject of escalating hacker activity in recent months, culminating in a serious attack that occurred Saturday, February 9, 2013,” the message reads. “We have made the difficult decision to suspend the OnRamp service to protect our customers as we investigate the breach further and assess the ability of the OnRamp service to withstand future threats. At this time, we cannot predict when, or whether, the OnRamp system will be operational again.”
The post went on to say that OpenX’s paid ad serving platforms, including OpenX Enterprise and OpenX Market, were not afffected by the issue.
A follow-up post on the forum at 8:33 a.m. ET this morning announced the termination of OnRamp.
“After further review of the intrusion, other recent attacks on the service, the effect on our publishers and advertisers, the recent increased frequency of malicious hacking activity directed against technology companies of all types, the possibility of future intrusions through this open source service which could continue to jeopardize OnRamp customers, the virtual impossibility of ensuring the continued security of OnRamp in an environment of increasingly sophisticated and powerful intrusions that exploit open source software, and the resources we would be required to expend to maintain the security of the service, we have decided that we will no longer host and operate the OnRamp service,” read today’s post.
“We sincerely regret that the actions of a limited number of bad actors have forced us to terminate a service used for many years without cost by our valued customers,” the post continued. “In order to facilitate customers’ transition to another service, we will be reactivating the user interface, but not advertising delivery, of OnRamp at 5:00 p.m. Pacific Time on Tuesday, February 12, 2013. Through the user interface, customers will be able to view the status of their accounts and copy relevant information needed in order to transition their ad serving to another provider. OnRamp, however, will no longer deliver advertising. The user interface will be available until Friday, March 22, 2013 at 5:00 p.m. Pacific Time, at which time OnRamp will be terminated permanently. We will post additional information in the days ahead to assist customers with the transition.”
Customers with further questions were advised to send emails to firstname.lastname@example.org.
The news comes on the heels of several positive developments for OpenX. Last month, the company announced it had completed a $22.5 million Series E funding round, and partnered with AdTruth to deliver more effective mobile ad inventory sold through the OpenX Market RTB platform. And last week, Open X was ranked number 7 on Forbes’ America’s Most Promising Companies List.
“OpenX just raised a new round of financing,” said Marc Poirier, CMO/Co-Founder of Acquisio. “They just can’t risk their reputation on an open source product that generates no revenue for them while their entire business hinges on operating an exchange — which also happens to handle media. Their focus needs to be where the money is, and in situations like this, there is only one choice for the company to make and that is to shut down the free service and focus on the paid product.”
A media representative for OpenX, reached this afternoon via email, said the company had nothing to add to its previously released statements at this stage.