Thursday, October 13, 2011

PSA: Possible Malware Attack On PVD

Google Diagnostic Report

I came home this afternoon to find a comment saying that my site had been flagged as unsafe for browsing due to malware.  As nearly as I can tell, Casual Stroll to Mordor got hacked this morning and was serving links to malware on their RSS feed, which appears in one of the standard Blogger blogroll widgets on my site.  My guess is that only people who actually clicked the link to the CSTM feed (or people with browsers that pre-load links) would have been infected, but I have no way to verify that at this time.  I also have no way to request a review of my site to determine if the infection is gone, because the problem report has not yet propagated to Google Webmaster tools. 

In the absence of further information, I can only recommend that readers (especially those that also read CSTM) do whatever it is they do to check for malware. 

Update: According to a commenter on the CSTM refugee blog, the "icon" on Blogger's default blogroll widget is the culprit.  I have disabled this "feature", and strongly advise anyone who would rather not have their blog blacklisted by Google to do the same.  

Info from Google Diagnostics

No comments: