Some of you contacted us this evening to let us know about malware warnings on the site. We've been investigating the problem, and here's what we've found out...
So, what happened?
What are you doing about it?
We've deleted the offending scripts and we'll be doing a clean install of our ad serving software from the newest available version to make sure that any known vulnerabilities are removed. In the meantime we've set up processes to check for any new scripts being added, and remove them immediately.
Is my personal data safe?
Yes - the ad database is separate from the site database, and to be on the safe side we've changed all the back-end passwords site-wide.
Why am I still getting malware warnings?
Google is constantly spidering websites collecting information - those spiders will have flagged up the attempted malware attack on road.cc to Google as it happened yesterday. Even though we were instantly aware of the attack and removed the rogue script that flag will automatically appear on Google searches to this site and will have been picked up by browser security setting particularly those for Google Chrome, Firefox and Safari. We have asked Google to review and remove its warning about the site because road.cc is NOT infected with malware. For now all we can do is wait for Google to review the site at which point those malware warnings will stop. Be assured that we take the security of this site very seriously and will continue to do so.
What should I do if I get another malware warning on road.cc?
Email us at info [at] road.cc and let us know, giving as much info as possible.
Dave is a founding father of road.cc and responsible for kicking the server when it breaks. In a previous life he was a graphic designer but he's also a three-time Mountain Bike Bog Snorkelling world champion, and remains unbeaten through the bog. Dave rides all sorts of bikes but tends to prefer metal ones. He's getting old is why.