The Wirecutter, a popular gadget site run by former Gizmodo head Brian Lam, was under attack on March 19 and 20 from a source that should have been trusted. The advertising agency that handles that site and many others like The Awl, The Hairpin, The Splitsider and more, came under attack thanks to an exploited flaw in the code.
The Wirecutter reports that "the cause was an exploit on an OpenX advertising server run by the guys who handle ads for The Wirecutter". The attack reportedly lasted for 10 hours and allowed for the insertion of malicious code onto an advertising server that could be inserted into the ads displayed on The Awl network.
The site is warning its users that this means "that, if you visited an Awl network site (including The Wirecutter) Tuesday or Wednesday, you may have been exposed to malware". The site goes on to explain that to fix the problem "We nuked our existing ad server and are moving to a different ad serving platform entirely in the near future".
The site's Kevin Purdy, formerly of Lifehacker, wrote a question and answer section included in the announcement and intended to help users understand what happened and what the risks are -- and most importantly, what to do if you visited the site during the affected time frame.
For those who were using Google's Chrome, the web browser was actually blocking access to the site during this period so, unless you bypassed the warning, you should have no worries. The editor was left with nothing much that he could say other than "I apologize for putting you and your computer at risk".
Photo Credit: Photosani/Shutterstock