arun Posted January 5, 2017 Report Share Posted January 5, 2017 Hi, we use Revive Adserver version 3.2.2 as our ad server for the last 10 months or so. we were serving revive tags via DFP, It was working fine until this week. Yesterday we got multiple emails from DFP saying the ad scripts are Malware and thus DFP disabled them due to policies. We investigated the server where revive is hosted, but couldn't find any solid evidence of breaching. I wanted to check if any one have faced this issue before, we could use any advice as this is affecting our delivery. DFP identified the following files as Malware www/delivery/ajs.php www/delivery/lg.php www/delivery/asynspc.php Any help will be appreciated, thanks. Quote Link to comment Share on other sites More sharing options...
Matteo Beccati Posted January 9, 2017 Report Share Posted January 9, 2017 If you are serving 3rd party content, then the malware might be coming from them. arun 1 Quote Link to comment Share on other sites More sharing options...
firstimpression Posted January 17, 2017 Report Share Posted January 17, 2017 Your Revive installation might have been hacked, and malware is served right from your adserver (in zone append fields) Quote Link to comment Share on other sites More sharing options...
aaron Posted January 19, 2017 Report Share Posted January 19, 2017 Hi arun, Any progress or solution on your problem? I experience a similar issue where AdX has flagged some of my revive urls (no info on exactly which ones) as malware. I'm running v4.0.1-dev . I checked my whole domain for malicious code, checked append/prepend fields, checked database for illegal users but found nothing so far. No 3rd party content served so the issue is within my domain (or a false positive from google). Quote Link to comment Share on other sites More sharing options...
arun Posted January 19, 2017 Author Report Share Posted January 19, 2017 Hi All, UPDATE : So, apparently one of our third party ad vendor was serving malicious ads, but since we served their tags via our Ad server, google flagged our domain as Malicious. We had to contact the DFP support and explain them the server is fine and also we are not directly associated with the malicious advertiser, after a bunch of mails and convincing we were able to whitelist our domain. 5 minutes ago, aaron said: Hi arun, Any progress or solution on your problem? I experience a similar issue where AdX has flagged some of my revive urls (no info on exactly which ones) as malware. I'm running v4.0.1-dev . I checked my whole domain for malicious code, checked append/prepend fields, checked database for illegal users but found nothing so far. No 3rd party content served so the issue is within my domain (or a false positive from google). I would suggest you to contact DFP support and explain the situation. If you use third party tags to server ads it could be one of them that's injecting the malicious ads. Quote Link to comment Share on other sites More sharing options...
firstimpression Posted January 22, 2017 Report Share Posted January 22, 2017 Moral: always run third-party ad vendors in sandboxed iframe. Quote Link to comment Share on other sites More sharing options...
tristangemus Posted August 31, 2017 Report Share Posted August 31, 2017 Hi Arun, I'm working through a similar issue right now. How did you contact DFP? After multiple days I've have zero contact with them. Thanks, Tristan. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.