Support road.cc

Like this site? Help us to make it better.

Back to news
news
road.cc malware alerts: what happenedMalware warning

road.cc malware alerts: what happened

If you are getting a warning alert, here's why.....
by dave atkinson
Fri, Oct 14, 2011 23:53
13

Some of you contacted us this evening to let us know about malware warnings on the site. We've been investigating the problem, and here's what we've found out...

So, what happened?
Somebody utilised a back door in one of the scripts in our ad serving platform, and used it to add a javascript call to some of the banner ads on the site. The call was to a malware site.

What are you doing about it?
We've deleted the offending scripts and we'll be doing a clean install of our ad serving software from the newest available version to make sure that any known vulnerabilities are removed. In the meantime we've set up processes to check for any new scripts being added, and remove them immediately.

Is my personal data safe?
Yes - the ad database is separate from the site database, and to be on the safe side we've changed all the back-end passwords site-wide.

Why am I still getting malware warnings?
Google is constantly spidering websites collecting information - those spiders will have flagged up the attempted malware attack on road.cc to Google as it happened yesterday. Even though we were instantly aware of the attack and removed the rogue script that flag will automatically appear on Google searches to this site and will have been picked up by browser security setting particularly those for Google Chrome, Firefox and Safari. We have asked Google to review and remove its warning about the site because road.cc is NOT infected with malware. For now all we can do is wait for Google to review the site at which point those malware warnings will stop. Be assured that we take the security of this site very seriously and will continue to do so.

What should I do if I get another malware warning on road.cc?
Email us at info [at] road.cc and let us know, giving as much info as possible.

malware
Dave Atkinson

Dave is a founding father of road.cc, having previously worked on Cycling Plus and What Mountain Bike magazines back in the day. He also writes about e-bikes for our sister publication ebiketips. He's won three mountain bike bog snorkelling World Championships, and races at the back of the third cats.

Add new comment

13 comments

Avatar
Matt_S | 12 years ago
0 likes

The web still has ads? 7

Avatar
Simon E | 12 years ago
0 likes

Tony, FYI I have just been confronted by Facebook's alert mentioned above by Gkam84.

Avatar
Tony Farrelly | 12 years ago
0 likes

The good news is Google has stopped flagging the site so hopefully we can all get back to the usual stuff of talking about bikes, and riding in all their various forms

Avatar
TheHatter | 12 years ago
0 likes

I tried to get in this morning to add Oliver Zaugg and Dan Martin to my fantasy league team but was blocked. Anyone know how they got on?
1

Avatar
a.jumper | 12 years ago
0 likes

Switch the google tracking off in your browser settings. They aren't trustworthy and - like on road.cc - usually only flag mainstream sites after the problem has been fixed. Just keep your antivirus and intrusion detector up to date!

Avatar
Gkam84 replied to a.jumper | 12 years ago
0 likes
a.jumper wrote:

Switch the google tracking off in your browser settings. They aren't trustworthy and - like on road.cc - usually only flag mainstream sites after the problem has been fixed. Just keep your antivirus and intrusion detector up to date!

Nah i think i'll leave my browser settings as they are, they are there for a reason

As for anti virus and intrusion software, i've yet to find one that works for me, being a techy i'm quite happy to run my systems without it and haven't used anti virus for around 12 years

Avatar
a.jumper replied to Gkam84 | 12 years ago
0 likes
Gkam84 wrote:

Nah i think i'll leave my browser settings as they are, they are there for a reason

Two reasons in fact: security theatre and big brother!

Avatar
Gkam84 | 12 years ago
0 likes

Ah ha, that explains why i can't get from your facebook links to, just get a security warning from there aswell

Quote:

Security Alert: This Link May Not Be Safe
Facebook has teamed up with Google to help protect you online. The link you are trying to visit has been identified as potentially unsafe by our trusted partner. Visit the Facebook Security Page to learn more about staying safe on the Internet.

Visiting this website mayb harm your computer
This page appears to contain malicious code that could be downloaded to your computer without your consent. You can learn more about harmful web content including viruses and other malicious code and how to protect your computer at StopBadware.org. Advisory provided by Google. Learn more

Avatar
Tony Farrelly | 12 years ago
0 likes

Yes, I only got it a little while ago myself when I quit out of Safari and then turned it on again. I've just added a bit to the original story about why that is happening - basically it's the security settings in your browser picking up the flag from Google - they all link back to that Google message.

As Dave says above, we've asked Google to review the flag and we're confident that when they do it will be removed.

I just wish they'd hurry up 2

Avatar
KirinChris | 12 years ago
0 likes

Didn't have it before but I just got it now.

Avatar
londonplayer | 12 years ago
0 likes

I always knew you guys were up to something. You'll be telling me to put my road shoes in the freezer next....tsk tsk!

Avatar
dave atkinson | 12 years ago
0 likes

that may be because google has picked up the infected pages and is marking them as attacked; we've requested a review of that.

Avatar
Gkam84 | 12 years ago
0 likes

I just got it again this second, its 5.34am GMT 26

Every different section, News, Forum......etc gives me another one 14

Latest Comments