Hacker News new | past | comments | ask | show | jobs | submit login
Google Chrome is detecting malware on The Verge (skitch.com)
63 points by k33l0r on Sept 16, 2012 | hide | past | web | favorite | 27 comments

This is Luke Zimmermann from VOX Media, the parent company of The Verge and SB Nation. We've requested a formal review with Google after going to extreme steps to pull our advertising content to both do a thorough review and error on the side of caution that there wasn't anything malicious being inadvertently served up. At this time we're doing everything we can to get this on Google's radar and get it sorted out. We're continuing to monitor the situation as well and do everything in our power to make sure none of our readers and users are at any risk.

Definitely check for any unusual included content and then request a malware review. I emailed the malware team to make sure that this is on their radar.

More info is at http://support.google.com/webmasters/bin/answer.py?hl=en&... and by doing a [site:google.com malware review] search, but it looks like you've requested the malware review correctly. In the mean time, I'd just double-check for any way that malware could have been included/downloaded on the pages.

Just a quick note: the message is gone for me now, so it looks like the malware review went through with no problems.

You could get TheVerge unblocked right now: Move your stylesheets and other static files to a different CDN (not the sbnation domain).

If TheVerge can take it... just refer to the local addresses. Shove a Varnish instance in front to help if you fear for the web servers.

Unless you routinely serve up javascript from domains like 'dustym' on port 8888, then you apparently haven't done anything yet - it's still being included on www.theverge.com right now.

edit: thanks for the heads up, that was not the issue at hand.

If it helps or anything, this is what Chrome is reporting specifically to me: https://img.skitch.com/20120916-erdbdjn5w9dqp4rr8feu7f4ygm.j...

Might just be because they're on sbnation, but there ya go.

Do you pre-approve and scan every single new advertisement to make sure it doesn't contain malware?

Buying ads on large sites with lax controls is a very common and simple way to distribute trojans.

FYI: SBNation is the main property of VOX Media that owns The Verge.

Something nasty must've gotten onto their CDN, but it wasn't necessarily from The Verge - since they operate a significant amount of websites - it's just that The Verge was using their parent company's resources.

The alert says that theverge.com itself is not blacklisted just contains stuff from infected sites.

I would try setting a new hostname for the cdn content servers and see if that works. Assuming of course they have gotten rid of the malware.

What can a site Owner do in this situation? Does Google provide information on why a site is flagged?

Not really. I had a few websites that ran on Wordpress and got "infected" because of some vulnerabilities in a plugin. I had to manually remove the malware code - usually it's pretty easy to find - and go through Google website verification https://support.google.com/webmasters/bin/answer.py?hl=en...

The Safe Browsing diagnostic page is your best bet when this happens.


Edit: Firefox provides these links in the form of a button labeled "Why was this page blocked?"

I wrote this a while back after having Google flag my site as malicious. http://www.besttechie.com/2011/09/19/how-to-fix-site-google-...

You can submit the site for review in google webmastertools but i think that is only for serps removal. Also AFAIK Chrome takes malware data from google's severs so webmsatertools seems to be the place to go.

I got malware warning on Google Reader today. I wonder if this is related.

I just got one on YouTube, weird...

I hope this doesn't set back the launch of Polygon. We've already been waiting for months, and according to Press Reset (their making-of documentary for the site), it's supposed to launch in October.

It won't affect Polygon

Why would you link me to that? There is no discussion there that is of any value above what's in this thread (there are no comments). Please don't do that; I realize it was only a couple seconds of my life wasted (plus the 30 seconds to write this comment), but I would really appreciate it if this didn't become a trend.

Sorry wouldn't do that in the future if that's so disturbing.

Thank you! Also, just in case: I didn't mean to be a dick about it, so I'm sorry if it came across that way…

I much prefer that if someone posts a dupe story that people go and comment on the original submission.

I appreciate it when people provide links to such previous submissions.

Better that than the trend of people posting duplicate content.

I generally agree with you. However, in this case there were already several comments on this submission, but none on the other (original) submission. In this case, as I stated, there was no value being added by linking.

And with that said, I think I'm done with this meta-discussion. Thanks for playing…

Same on feedly.com.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact