No, We’re not Hosting Malware
If you’re using either the Firefox or Chrome browser, or any of several safe browsing add-ons, you may have recently seen a warning message like the one at right when visiting BookRix.com.
We want to assure you that we’re not hosting any malware, and so far as we’ve been able to tell, BookRix hasn’t actually been compromised. We’re staying closely on top of the issue to ensure the safety of both our customers and our own servers.
Here’s what happened, in case you’re curious…
At BookRix, like thousands of other sites, we use the open source OpenX ad server for managing the ads on our site. Unfortunately, due to its popularity, it’s become a target for hackers, and a few months ago, someone succeeded in hacking it. The security hole was plugged and a new release was put out. A few weeks later, that one was hacked too. And then fixed.
The problem is, once it gets hacked, these safe browsing services get notified, and then any site detected to be running the vulnerable code gets flagged, whether it’s actually been attacked or not. For those of us who run those sites, often the first we know of a problem is when someone on staff goes to visit the site and encounters a security notice. Even once the problem is fixed by updating the code, it can take anywhere from several hours to a day or more to get the flag cleared.
I’m all for preventing malware, of course, but at some point, when the medicine starts to kill the patient, you have to wonder…
Bottom line: we’re on top of the issue, we don’t have any reason to believe that any BookRix users have been exposed, but we still recommend (as all computer security professionals would) that you have malware prevention software in place and scan your computer regularly.
For more details on this issue, see:
Also, here are some free malware prevention and scanning tools: