Those who were trying to access LoyaltyLobby last Monday (July 31, 2017) in the afternoon, Eastern Time, were in for an unfortunate surprise!
For about two hours some visits to our site brought pop-up ads from an ad server in the Netherlands, advertising dodgy websites.
Here’s what happened per our tech guy:
The advertising re-directs were a result of a vulnerability in a CMS add-on we have been using. This code allowed the unauthorized replacement of our regular ad-services with those of a third-party server in Europe.
As such, we made the vendor aware of the issue and they have now patched the affected code and rolled out the update. However, as there are probably thousands of other sites that have yet to update and may be vulnerable, it would be unwise to be too specific at this time.
We only use Google’s platform for serving Adsense and paid placements on LoyaltyLobby, as all ads are reviewed by Google’s team for content. More questionable ad networks definitely detract from the decorum of LoyaltyLobby and therefore we do not use them.
This was the worst attack we have ever had that utilized a vulnerability in one of the add-ons that we were running (note the past tense).
My advice for anyone would be to run as clean a WordPress installation as possible. Whenever there is a WP update it seems to break something, and these WP plug-ins don’t come without their own issues, as we experienced a week ago.
We didn’t want to address this issue before we were sure that we had patched up possible website vulnerabilities.