17 Responses to “Google Adsense Serving Up Malware?”
This page contains comments from the Google Adsense Serving Up Malware? article.
Click the icon
to subscribe!
Subscribe
to subscribe!
Stephen Cronin is Manager of Online Service Delivery at a Queensland Government department & has been a freelance WordPress developer/consultant since 2007
*Content on this site is my own and is not related to my employer
Hire me - I'm expensive, but I'm very good!
WordPress Plugins
- DualFeeds: Offer both full & summary feeds to your readers!
- IFrameWidgets: Stop slow javascript widgets breaking your page!
- FeedEntryHeader: Add copyright info to the TOP of your feed!
- LocalCurrency: Show values to readers in their own currency!
- KeywordLuv: Reward commentators with keyword rich links!
- Comment Warning: Detect potential spammers and warn them!
- Eclipse Crossword Integration: Publish crossword puzzles!
- Ajax_the_views: Make WP-PostViews work with caching plugins!
- Remove Widget Titles: Remove widget titles on the front end!
Want a Custom WordPress plugin? See my Services page.
Greasemonkey Scripts
- Google Numbered Search Results: Number Google SERPs
- Bing Numbered Search Results: Number Bing SERPs
- Disable Ctrl-W: Disable the CTRL-W key so you don't lose work
- markItUp! for Greasemonkey: Enable markItUp! for text areas
Visit my home page at Userscripts.org.
When did this happen exactly? (GMT time)
Actually, there totally might be something wrong with my site, which would probably be more likely than Google. A site of mine has been compromised recently by some hacker who managed to find his way through an old software I wasn’t using anymore. As a result, nearly all my sites (they’re hosted off the same account) have been serving an hidden frame pulling content from a malware site. I *think* I’ve cleaned it up now, but I’m actively watching things to make sure nothing is left.
Hi Ozh,
I can’t remember the exact time, but it would have been about 11:30am GMT.
I saw Design Float was hacked the other day and they are currently serving malicious IFrames in their source. I actually looked for IFrames in your source but didn’t see any.
I don’t think the problem is with your site. Attackers could use JavaScript to inserrt malicious code in the DOM, but looking at sessionstore.js, the URL is buried deep in the Adsense ad. It’s not in your source itself.
If your site was the cause, then they must be using JavaScript to intercept Google ads, then inject the URL in those. If they’ve reached that level of sophistication, then God help us! If your site was the cause, I think it far more likely that they would have just injected something in your source.
It’s more likely that one of the advertisers that Adsense is serving up has been compromised. Or perhaps, openstat.ws is a legit site which should be served up by Adsense, but which has been hacked itself (hence it appearing as suspicious).
Anyway, if I can do anything else to help you, let me know.
FYI, I get this error message on your site, which halts the page.
“A script on this page may be busy, or it may have stopped responding. You can stop the script now, open the script in the debugger, or let the script continue.
Script: http:www.scratch99.com/wp-content/plugins/syntaxhighlighter/files/shCore.js:49″
Hi Ozh,
Thanks for letting me know. I was using the Syntax Highlighter plugin to display the snippet from sessionstore.js. The snippet was rather large and the Syntax Highlighter javascript seem to be stumbling over it (though not in Google Chrome).
I’ve now moved it into a txt file and I just link to that rather than putting the post itself.
Indeed, the “advertiser site compromised” theory sounds possible. I think by the time you paid a visit to my site, I had everything cleared. Odd stuff anyway
I’ve read about this happening quite a few times lately if you re upload the index file for the blog and or the main site it seems to fix the problem. Its also worth running a scan on your pc with combofix and malwarebytes, both of which are free but good at detecting malware not picked up by avast.
Don’t pay attention to that. Sometime virus software alarm you for nothing. They consider everything as a virus or malware. Google have no interest to take that kind of risk. They’re have a reputation to keep clean.
Its normal. People get around google protections, but sooner or later
they will be tracked and shutted down.
I wouldn’t suspect google of that. After all if something like this got into media it might mean the end of the company.
I’ve been bothered by the same alerts when I was using AVAST. But when I switched to AVG lesser alerts about this malware was popping up. If you would ignore this alert the effect of this malware will come sooner or later.
What would be its effect? This type of Malware will have an effect on your browsers. You won’t notice it but there will be times that your browser will freeze for a couple of seconds. And if this alerts keeps on coming, if your Video card or the specs of your PC cannot handle it you will encounter “Blue screen”. It is not the worst Malware but it will use some of your time waiting.
What’s the proof? It happen to me it can happen to anyone.
It should be all sorted out soon, as said above, people get around google protections, but in the end the get shut down.
That’s very interesting. Google’s own AdSense program being a culprit of suspicious malware… Doesn’t Google check the ads that are being put up through AdWords? I mean, I guess not seeing from this result. However, you would still think this is something Google would check for..
Thanks for the informing post, I’ll be sure to look out for this.
Hard to say Jesse – you would think that they would check, but they must be serving up an insane number of ads from huge number of advertisers…
Malware, Google not often seen in the same sentence. I would suggest it is down to the sheer volume they are churning out daily. Surely they can keep an eye on every one.
Man, I sure would want some updated information about this. Adsense?!
Thing, however, is that I haven’t heard of any more of this besides Ozh’s.
I’m sorry for my comment.
Just in my opinion, what about the chance that the anti virus have some bug?
Very complete post. About a month ago, my Kaspersky antivirus told me the Google ads are infected. I supposed it’s a bub of Kaspersky. However, if google wants to spy you it’s very easy with some cookies I supposed.