Home
If you are getting a warning alert, here's why.....

Some of you contacted us this evening to let us know about malware warnings on the site. We've been investigating the problem, and here's what we've found out...

So, what happened?
Somebody utilised a back door in one of the scripts in our ad serving platform, and used it to add a javascript call to some of the banner ads on the site. The call was to a malware site.

What are you doing about it?
We've deleted the offending scripts and we'll be doing a clean install of our ad serving software from the newest available version to make sure that any known vulnerabilities are removed. In the meantime we've set up processes to check for any new scripts being added, and remove them immediately.

Is my personal data safe?
Yes - the ad database is separate from the site database, and to be on the safe side we've changed all the back-end passwords site-wide.

Why am I still getting malware warnings?
Google is constantly spidering websites collecting information - those spiders will have flagged up the attempted malware attack on road.cc to Google as it happened yesterday. Even though we were instantly aware of the attack and removed the rogue script that flag will automatically appear on Google searches to this site and will have been picked up by browser security setting particularly those for Google Chrome, Firefox and Safari. We have asked Google to review and remove its warning about the site because road.cc is NOT infected with malware. For now all we can do is wait for Google to review the site at which point those malware warnings will stop. Be assured that we take the security of this site very seriously and will continue to do so.

What should I do if I get another malware warning on road.cc?
Email us at info [at] road.cc and let us know, giving as much info as possible.

Dave is a founding father of road.cc and responsible for kicking the server when it breaks. In a previous life he was a graphic designer but he's also a three-time Mountain Bike Bog Snorkelling world champion, and remains unbeaten through the bog. Dave rides all sorts of bikes but tends to prefer metal ones. He's getting old is why.

13 comments

Avatar
Gkam84 [9068 posts] 4 years ago
0 likes

I just got it again this second, its 5.34am GMT  26

Every different section, News, Forum......etc gives me another one  14

Avatar
dave atkinson [6148 posts] 4 years ago
0 likes

that may be because google has picked up the infected pages and is marking them as attacked; we've requested a review of that.

Avatar
londonplayer [620 posts] 4 years ago
0 likes

I always knew you guys were up to something. You'll be telling me to put my road shoes in the freezer next....tsk tsk!

Avatar
abudhabiChris [692 posts] 4 years ago
0 likes

Didn't have it before but I just got it now.

Avatar
Tony Farrelly [2856 posts] 4 years ago
0 likes

Yes, I only got it a little while ago myself when I quit out of Safari and then turned it on again. I've just added a bit to the original story about why that is happening - basically it's the security settings in your browser picking up the flag from Google - they all link back to that Google message.

As Dave says above, we've asked Google to review the flag and we're confident that when they do it will be removed.

I just wish they'd hurry up  2

Avatar
Gkam84 [9068 posts] 4 years ago
0 likes

Ah ha, that explains why i can't get from your facebook links to, just get a security warning from there aswell

Quote:

Security Alert: This Link May Not Be Safe
Facebook has teamed up with Google to help protect you online. The link you are trying to visit has been identified as potentially unsafe by our trusted partner. Visit the Facebook Security Page to learn more about staying safe on the Internet.

Visiting this website mayb harm your computer
This page appears to contain malicious code that could be downloaded to your computer without your consent. You can learn more about harmful web content including viruses and other malicious code and how to protect your computer at StopBadware.org. Advisory provided by Google. Learn more

Avatar
a.jumper [845 posts] 4 years ago
0 likes

Switch the google tracking off in your browser settings. They aren't trustworthy and - like on road.cc - usually only flag mainstream sites after the problem has been fixed. Just keep your antivirus and intrusion detector up to date!

Avatar
TheHatter [770 posts] 4 years ago
0 likes

I tried to get in this morning to add Oliver Zaugg and Dan Martin to my fantasy league team but was blocked. Anyone know how they got on?
 1

Avatar
Gkam84 [9068 posts] 4 years ago
0 likes
a.jumper wrote:

Switch the google tracking off in your browser settings. They aren't trustworthy and - like on road.cc - usually only flag mainstream sites after the problem has been fixed. Just keep your antivirus and intrusion detector up to date!

Nah i think i'll leave my browser settings as they are, they are there for a reason

As for anti virus and intrusion software, i've yet to find one that works for me, being a techy i'm quite happy to run my systems without it and haven't used anti virus for around 12 years

Avatar
Tony Farrelly [2856 posts] 4 years ago
0 likes

The good news is Google has stopped flagging the site so hopefully we can all get back to the usual stuff of talking about bikes, and riding in all their various forms

Avatar
Simon E [2545 posts] 4 years ago
0 likes

Tony, FYI I have just been confronted by Facebook's alert mentioned above by Gkam84.

Avatar
a.jumper [845 posts] 4 years ago
0 likes
Gkam84 wrote:

Nah i think i'll leave my browser settings as they are, they are there for a reason

Two reasons in fact: security theatre and big brother!

Avatar
Matt_S [234 posts] 4 years ago
0 likes

The web still has ads?  7