WingNews logo WingNews GitHub [2]
top | item 4529034

Google Chrome is detecting malware on The Verge

63 points| k33l0r | 13 years ago |skitch.com | reply

27 comments

order
[+] lukezim|13 years ago|reply
This is Luke Zimmermann from VOX Media, the parent company of The Verge and SB Nation. We've requested a formal review with Google after going to extreme steps to pull our advertising content to both do a thorough review and error on the side of caution that there wasn't anything malicious being inadvertently served up. At this time we're doing everything we can to get this on Google's radar and get it sorted out. We're continuing to monitor the situation as well and do everything in our power to make sure none of our readers and users are at any risk.
[+] Matt_Cutts|13 years ago|reply
Definitely check for any unusual included content and then request a malware review. I emailed the malware team to make sure that this is on their radar.

More info is at http://support.google.com/webmasters/bin/answer.py?hl=en&... and by doing a [site:google.com malware review] search, but it looks like you've requested the malware review correctly. In the mean time, I'd just double-check for any way that malware could have been included/downloaded on the pages.

[+] buro9|13 years ago|reply
You could get TheVerge unblocked right now: Move your stylesheets and other static files to a different CDN (not the sbnation domain).

If TheVerge can take it... just refer to the local addresses. Shove a Varnish instance in front to help if you fear for the web servers.

[+] chrismeller|13 years ago|reply
Unless you routinely serve up javascript from domains like 'dustym' on port 8888, then you apparently haven't done anything yet - it's still being included on www.theverge.com right now.
[+] nikcub|13 years ago|reply
Do you pre-approve and scan every single new advertisement to make sure it doesn't contain malware?

Buying ads on large sites with lax controls is a very common and simple way to distribute trojans.

[+] Dystopian|13 years ago|reply
FYI: SBNation is the main property of VOX Media that owns The Verge.

Something nasty must've gotten onto their CDN, but it wasn't necessarily from The Verge - since they operate a significant amount of websites - it's just that The Verge was using their parent company's resources.

[+] jnsaff2|13 years ago|reply
The alert says that theverge.com itself is not blacklisted just contains stuff from infected sites.

I would try setting a new hostname for the cdn content servers and see if that works. Assuming of course they have gotten rid of the malware.

[+] MatthewPhillips|13 years ago|reply
What can a site Owner do in this situation? Does Google provide information on why a site is flagged?
[+] Achshar|13 years ago|reply
You can submit the site for review in google webmastertools but i think that is only for serps removal. Also AFAIK Chrome takes malware data from google's severs so webmsatertools seems to be the place to go.
[+] ChemicalScum|13 years ago|reply
I got malware warning on Google Reader today. I wonder if this is related.
[+] StavrosK|13 years ago|reply
I just got one on YouTube, weird...
[+] w1ntermute|13 years ago|reply
I hope this doesn't set back the launch of Polygon. We've already been waiting for months, and according to Press Reset (their making-of documentary for the site), it's supposed to launch in October.
[+] thedz|13 years ago|reply
It won't affect Polygon
[+] denzil_correa|13 years ago|reply
Already posted earlier

http://news.ycombinator.com/item?id=4528963

[+] superchink|13 years ago|reply
Why would you link me to that? There is no discussion there that is of any value above what's in this thread (there are no comments). Please don't do that; I realize it was only a couple seconds of my life wasted (plus the 30 seconds to write this comment), but I would really appreciate it if this didn't become a trend.
[+] mopoke|13 years ago|reply
Same on feedly.com.