No, We’re not Hosting Malware

If you’re using either the Firefox or Chrome browser, or any of several safe browsing add-ons, you may have recently seen a warning message like the one at right when visiting BookRix.com.

We want to assure you that we’re not hosting any malware, and so far as we’ve been able to tell, BookRix hasn’t actually been compromised. We’re staying closely on top of the issue to ensure the safety of both our customers and our own servers.

Here’s what happened, in case you’re curious…

At BookRix, like thousands of other sites, we use the open source OpenX ad server for managing the ads on our site. Unfortunately, due to its popularity, it’s become a target for hackers, and a few months ago, someone succeeded in hacking it. The security hole was plugged and a new release was put out. A few weeks later, that one was hacked too. And then fixed.

The problem is, once it gets hacked, these safe browsing services get notified, and then any site detected to be running the vulnerable code gets flagged, whether it’s actually been attacked or not. For those of us who run those sites, often the first we know of a problem is when someone on staff goes to visit the site and encounters a security notice. Even once the problem is fixed by updating the code, it can take anywhere from several hours to a day or more to get the flag cleared.

I’m all for preventing malware, of course, but at some point, when the medicine starts to kill the patient, you have to wonder…

Bottom line: we’re on top of the issue, we don’t have any reason to believe that any BookRix users have been exposed, but we still recommend (as all computer security professionals would) that you have malware prevention software in place and scan your computer regularly.

For more details on this issue, see:

OpenX flaw lets hackers place malware on websites

Also, here are some free malware prevention and scanning tools:

AVG Free

Avira AntiVir

Malwarebytes

Trend Micro HouseCall

Share and Enjoy:
  • Print
  • email
  • Facebook
  • Twitter
  • Google Bookmarks
  • del.icio.us
  • Digg

2 Responses to No, We’re not Hosting Malware

  • poch peralta says:

    Most probably, this is ’scareware’ which aims to ask you for future ransom or hijack your site. Never click any link within the message because that’s how you’ll activate the malware or virus.

  • ScottAllen says:

    No, I know exactly what you’re talking about, and that’s a different problem — those are pop-ups. These are legitimate messages in the browser from Google, etc. It’s been widely discussed in the Google webmaster forums — like I said, thousands of web sites are having this problem.

Leave a Reply

You must be logged in to post a comment.

Archives
Grab the BookRix Button
BookRix Between the Lines
HELPFUL BOOKS
BookRix Between the Lines
BookRix Blog Buddies
Reading Addiction Blog Tours Me, My Shelf and I Parajunkee Design When A Southern Woman Rambles