Well folks - the world of running a somewhat popular blog has taken us deep into another world of hackers, evil websites and the nefarious Google. Honestly, Nana Plaza, is looking pretty clean to me compared to what we have been battling all night. Simple blogs that run on a blog network of some sorts are pretty easy to deal with and generally don’t get attacked all that much but blogs running on their own server that have some decent amount of traffic and an okay Google Page Rank tend to get attention straight away. We run an open source version of Wordpress on a server in the US. I don’t claim to be an expert but I am fairly well versed in how to keep this stuff running but I will admit I goofed up by running an older version of Wordpress longer than I should have. My bad but I just did not think that our little site would be the focus of people wanting to exploit the blogsphere, game Google and make money on my simple mistake. How does this all work u say? I will try to explain but I am still unraveling all this as I go.
Basically everyone is trying to make money with ads or by having sites that sell stuff. It is just that simple. So everyone is trying to get their site noticed by the Google search engine since they pretty much dominant the world of search. Given this, people do anything they can to get their sites ranked higher in Google and many people who don’t give a shit about how they do it will hack into other decent sites and use that site to link to theirs. This accomplishes 2 tasks - it helps their Page Rank and it gets them instant hits. So it seems someone was able to get into our Wordpress installation and put in some code that would run a popup for ads and such. It seems this only appeared to Windows users running IE. Firefox seemed to block the popup by default and Mac users probably never even saw anything at all. I continue to be amazed out how bad the Windows/IE combo is on the internet but we take full responsibility for allowing someone to get into our system.
The problem is what to do now given the way Google handles all this. As some of u may have noticed if you find our site via the Google search engine u will notice it says our site may harm your computer. I guess in theory they are trying to protect the user and I applaud them for that but at the same time they did nothing to alert us, the people running the site, and they seem to give us very little recourse for changing this status within the Google system. Google is headless - meaning all this technology has no real humans behind it - so there is no one to appeal to. Same if u get your ads pulled - Google just blackmarks u and moves on. Funny though how they seem to let all sorts of other things go on providing those activities make Google money.
Meaning - during this time they never stopped accepting my ads for the website. Happy to take money in but they don’t care that the person they take money from is being labeled as a provider of malware - even though that is not exactly the case here. So what I am saying here - is someon can willfully run a malicious website and use Google to advertise this website without any issues at all.
Now try this search on Google. Notice that for the first 6 or 7 pages Google is mostly listing sites that took advantage of our Wordpress exploit to sell things and game the Google Page Rank system. Wait - I thought Google’s claim as the world’s leading search engine is to show u relevant results based on your search? So they know these are bad sites and they have marked our site as being exploited but yet they are not smart enough to not show these results since clearly they are not quality search results. Add to this that Google’s own blogging service, Blogspot, is the leading blog service for Zombie blogs. These are blogs that temporarily rent domain names, steal content from sites like ours, and then host Google ads as a way to make quick money. So Google is both using these exploits to their own monetary advantage while at the same time pretending to protect users from bad sites - like ours.
Amazing stuff. Never thought I would be spending sleepless nights battling this crap, appealing to Google and doing our best to bring u all quality content without sharing bad things that hackers like to create. To the best of my knowledge I believe our site is clean and we have closed any holes. I have tested this with numerous technologies and have verified that our site is not even listed on any of the known malware tracking sites but yet Google disagrees and continues to flag us. So our traffic will continue to drop and overtime may damage our overall ranking. Welcome to the neighborhood of friendly blogs!
In the future if any of u think this site has done something malicious please do not hesitate to email since I can assure we would never have willfully done anything like that. I also suggest that for any of you Windows users who may have had noticed a probleem that u need to update your virus tools and u should use Firefox. Back to the normal world - I hope.
Google…do no evil. Or whatever.
View all comments by The Asian Badger
> I have tested this with numerous technologies and have
> verified that our site is not even listed on any of the
> known malware tracking sites but yet Google disagrees and
> continues to flag us.
I think Google Bot picks up malware and blacklists sites by itself, they wouldn’t use databases created by others because they have infinitely more crawling capacity.
You can request to have your site un-flagged through the Google webmaster tools dashboard.
http://www.google.com/support/webmasters/bin/answer.py?answer=45432
View all comments by Orion
1. Make sure that you delete all the spam exploit crap.
2. Log in to Google Webmaster Tools and remove all these pages from Google index. (Tools -> Remove URLs)
3. In Webmaster Tools click “Request reconsideration” and send a note to Google explaining the situation and a promise to reform.
View all comments by BabaBobo
yeah - u can request to be unflagged but dig into some sites and u will see people have been fighting it for months without being unflagged. So I don’t think it will be that easy - there is also no one involved with the review. It is all automated.
fun fun
View all comments by smitty
I never had a problem with your site before, but i just got a new computer. After installation, I happened to surf to your site. Google gave me the message ‘this site can harm your computer’..mentioned some malware. I asked some buddies of mine and they hadn’t seen any problems. Once I merely typed in the url rather than search it in Google, I didn’t have a problem..ie, no malware message.
View all comments by bo
bo - yeah - Google cannot actually confirm there is malware - they have flagged the site so if u use the search engine or their toolbar it will tell u there is malware even if there is not. That will continue until they unflag me - who knows how long that will take.
http://www.spybye.org seems to be the leading site that allows one to use their proxy server and test sites. I have used this to test all the blog pages Google is flagging and have found nothing suspicious.
if u use windows I highly suggest using Firefox.
View all comments by smitty
Just to let folks know, I used a Windows installation running IE to replicate this yesterday, and easily did. I then ran the following:
- housecall (housecall.trendmicro.com, free online scan and fix)
- ad-aware (www.lavasoftusa.com, free download, run/scan/fix)
- reboot
and the Windows Secutiry Alert Dialog Box that pops up every 10 minutes or so with the message “…your system is infected…press Yes to download Spyware Remover…” no longer appears.
I then continued to surf using IE on http://www.tfs2m.com and didn’t get infected. This was after we cleaned our system so hopefully we are okay now. We will continue to monitor this and apologize for any inconveniences.
There is more information on Virus protection at http://www.spywareinfo.com/~merijn/programs.php (cwshredder is a good program from what I remember if you insist on using IE) and all over the net.
IE is the worst program I have ever run. Firefox is the best program I have ever run. I’m surprised IE still exists and is being used. It’s gotta be a Microsoft snow job. Firefox is really the only option unless you enjoy running 4 or 5 programs every few days to clean your system. Been running Firefox for a few years now and I have never run a single anti-virus program. I remember the days of using IE, it was horrible and still is.
The Firefox browser is free at http://www.mozilla.com/firefox and works on most every Operating System. We also use Firefox on the Internet terminal at the Mango and we have yet to encounter a virus…and we know our Customers surf some really raunchy sites ;). We have an IE icon on the Desktop but it runs Firefox when you click on it.
View all comments by pmmp
i read it on my phone. no problems or pop ups….
View all comments by MSB
Been lurking for about a month- great site. I use Safari and yeah, never saw a thing.
View all comments by R9
Way too technical for this liberal arts major.
Can we get back to business?
How’s the lineup at Rainbow IV?
View all comments by Jack Dawson
Say no to windows, switch to apple mac.
View all comments by rick
well. seems google has blessed us again. fun fun.
of course during this time our traffic plummeted and it also seems we have taken a hit with search results. fun fun
once again I apologize to all we may have affected and we will do our best to make sure this can’t happen again. some people have suggested, in email, that we did this on purpose but I really don’t understand how that would benefit us. I guess some people always like to think the worst of situations.
joy. onward and upward.
View all comments by smitty
“some people have suggested, in email, that we did this on purpose but I really don’t understand how that would benefit us. I guess some people always like to think the worst of situations.”
C’mon smitty; we’re all aware of the stock play you guys have on, shorting Google stock and going long on the owners of the Firefox software. You’re abusing your positions of power in shaping public opinion to line your own pockets! You may as well ‘fess up… it’s a well organized conspiracy. You may as well change your name to Gordon Gecko.
View all comments by werewolf
Firefox is open source software (OSS), a rather different business proposition relative to either Google or Microsoft, so it seems you’re making progress in your ongoing program to become funny, Werewolf!
Seriously though, the Windows/IE combination is an open invitation to malware-writers. If you must use Windows, Firefox is a far better option. Better yet is to ditch Windows altogether: Mac’s OS X is user-friendly, even for liberal arts majors like myself, while the code-cowboys may prefer Ubuntu Linux.
If you start using your Active-X controls on IE, or really take the plunge and turn your computing environment over to Windows Vista, best of luck. You’ll need it.
JtB
View all comments by Jack B
I didn’t know you could run Mac OS X on a PC?
View all comments by Young Royal
@YR: You can, but it’s not exactly straighforward…
http://wiki.osx86project.org/wiki/index.php/FAQ
View all comments by Bangkok Bad Boy