OpenX - security problem with malware hack
It hit me cold when I saw the virus scanner's red message jumping on the screen. Administering www.weimar.de, it is no fun having a virus warning on the front page of an official website. The reason was OpenX, version 2.8.1, which I updated to 2.8.5, which seemed too late since the database was affected. I got this code within my banner-js:

Checking all PHP files (no, actually just the three most important ones), I found nothing:

    /var/yourdomain.conf.php
    /adjs.php
    /www/delivery/ajs.php

Check them anyway, because in some cases it's a direct hack within those files (at the very beginning or the end).

So I checked my database, the table phpads_banners (or openx_banners), and found nothing obvious. The malicious code is hidden within the BLOB fields (whose content you can only see if that is enabled within phpMyAdmin), and therefore there's one thing you can do: set the fields prepend, append, htmlcache and htmltemplate to empty!

I rigorously cleared out all the sh*t with this simple statement:

    UPDATE `my_db`.`phpads_banners` SET `append` = NULL, `prepend` = NULL, `htmltemplate` = NULL, `htmlcache` = NULL WHERE 1;

Good luck!
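Before running the blanket UPDATE it helps to see which banners actually carry injected markup, and to keep a copy of the rows, since the statement above also empties any legitimate content in those fields. The following MySQL sketch is an added example, not part of the original post; the backup table name is hypothetical, `bannerid` is assumed to be the primary key of the banners table, and the search strings are generic markers of injected JavaScript rather than signatures of this particular infection.

```sql
-- Added example (MySQL). `my_db`.`phpads_banners` is the table named in the
-- post; substitute `openx_banners` if that is what your install uses.

-- 1. Keep a copy of the affected data for later analysis and restore.
--    (`phpads_banners_pre_cleanup` is a hypothetical name.)
CREATE TABLE `my_db`.`phpads_banners_pre_cleanup` AS
SELECT * FROM `my_db`.`phpads_banners`;

-- 2. Audit: list banners whose append/prepend fields are non-empty and show
--    the first 200 characters. CAST(... AS CHAR) makes BLOB content readable
--    and lets LOWER()/LIKE match case-insensitively.
SELECT `bannerid`,                       -- assumed primary key column
       CHAR_LENGTH(CAST(`append`  AS CHAR)) AS append_len,
       CHAR_LENGTH(CAST(`prepend` AS CHAR)) AS prepend_len,
       LEFT(CAST(`append`  AS CHAR), 200)   AS append_head,
       LEFT(CAST(`prepend` AS CHAR), 200)   AS prepend_head
FROM   `my_db`.`phpads_banners`
WHERE  COALESCE(CAST(`append`  AS CHAR), '') <> ''
   OR  COALESCE(CAST(`prepend` AS CHAR), '') <> '';

-- 3. Narrow the review to rows containing script-like markup in any of the
--    four fields the post clears.
SELECT `bannerid`
FROM   `my_db`.`phpads_banners`
WHERE  LOWER(CONCAT_WS(' ',
         CAST(`append`       AS CHAR),
         CAST(`prepend`      AS CHAR),
         CAST(`htmltemplate` AS CHAR),
         CAST(`htmlcache`    AS CHAR))) REGEXP '<script|<iframe|eval\\(|unescape\\(|document\\.write';

-- 4. After the cleanup UPDATE from the post, confirm nothing is left behind.
--    Expect 0 once all four fields have been emptied.
SELECT COUNT(*) AS rows_still_populated
FROM   `my_db`.`phpads_banners`
WHERE  COALESCE(CAST(`append`       AS CHAR), '') <> ''
   OR  COALESCE(CAST(`prepend`      AS CHAR), '') <> ''
   OR  COALESCE(CAST(`htmltemplate` AS CHAR), '') <> ''
   OR  COALESCE(CAST(`htmlcache`    AS CHAR), '') <> '';
```

The backup table still contains the malicious code, so export it for analysis and drop it from the live database once you are done.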