Google Adsense Javascript Hack...

We are using phpAdsNew for our banner rotation and about once a week or so, we find that the javascript embedded in our HTML for phpAdsNew has been replaced by code for Google Adsense. Here is the code we are finding:

<script type="text/javascript"><!--
google_ad_client = "pub-3191152759796366";
google_ad_width = 468;
google_ad_height = 60;
google_ad_format = "468x60_as";
google_ad_type = "text_image";
google_ad_channel = "";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

I think that they are exploiting the code from phpAdsNew. Does any one know how this is being accomplished or how I can prevent it from happening again? We have contacted Google regarding the code being embedded but I need to figure out why this is happening.

It has nothing to do with Google so contacting them unless it was to report that someone was hacking your site and inserting ads belonging to google_ad_client pub-3191152759796366 (either the person themselves trying to earn from your site or someone else hoping that you'd report them and get them banned from Google).

The most likely cause is a security hole in phpAdsNew and so you should be reporting the problem to the writers of phpAdsNew so that they can investigate and fix it.

Thanks Felgall. I never considered that they might be trying to get someone banned from Google. The Google Bandit ( as we've come to call he or she) strikes at least once a week, sometimes twice in one day when they are feeling particularly energetic. I am going to report the bug to the PAN group and see what they think.

I appreciate you taking the time to post.