Web Sites Increasing Vigilance Against Malware

These days, if you're publishing a web site - or surfing the web - you have to watch your back, constantly. Merely publishing a secure site - or only surfing to secure sites - may not be enough. Any link on any web site might link to another web site, with malware. Worse, any link on any web site might not link to a web site with malware, but to a web site that links to another web site, with malware. And so on ...

How do you draw the line how far to look? You can use a browser add-on which monitors your surfing, and tells you which web sites are safe, or aren't safe - but that add-on better go beyond just checking the immediate web site.

This month, we see progress in that direction. Just yesterday, I was asked, in Blogger Help Forum: Something Is Broken

I see that Blogger says "Blog Unavailable"
Upon further investigation, I found interesting reports from "safebrowsing.clients.google.com", which appears to be a database fed by Google and StopBadware.org.


The top level reports simply says that "earnovertheinternet.blogspot.com" is a dodgy web site. Here I won't comment on the name, more commentary will be found elsewhere.



We click on the "Why was this site blocked" button, and see the report for "earnovertheinternet.blogspot.com". "earnovertheinternet.blogspot.com" is clean, but it links to "popuptraffic.com".



We click on the link for "popuptraffic.com", and see the report for "popuptraffic.com". "popuptraffic.com" is clean, but it links to "javapo.t35.com", "downner.blogspot.com", and "lpspain.galeon.com".



We click on the link for "javapo.t35.com", and see the report for "javapo.t35.com". "javapo.t35.com" is not clean. Reports for "downner.blogspot.com", and "lpspain.galeon.com" contained similar warnings.



I'll note here the stated dangers from "javapo.t35.com"
25 page(s) resulted in malicious software being downloaded and installed without user consent ...

Malicious software includes 26 exploit(s), 2 trojan(s), 1 scripting exploit(s). Successful infection resulted in an average of 5 new process(es) on the target machine ... Malicious software is hosted on 12 domain(s), including velassin.com/, rmbclick.com/, 39m.net/.

11 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including popuptraffic.com/, adtrak.net/, hele.t35.com/.
We see evidence that the web site monitoring process is persistently cyclic.
The last time Google visited this site was on 2009-09-04, and the last time suspicious content was found on this site was on 2009-09-04.
And, it describes details about the degree of danger.
Malicious software includes 26 exploit(s), 2 trojan(s), 1 scripting exploit(s). Successful infection resulted in an average of 5 new process(es) on the target machine.


"earnovertheinternet.blogspot.com" and "popuptraffic.com" had apparently been visited that same day, 2009/09/17.
What is the current listing status for earnovertheinternet.blogspot.com?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 1 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-09-17, and the last time suspicious content was found on this site was on 2009-09-17.


The owner of "earnovertheinternet.blogspot.com" (you'll note that I won't be linking there) states his intention to clean up his act, and to convince at least one other web site to do likewise.
I will remove those popups ... I asked the admin of popuptrafic


This is a start. Get the responsible web sites to remove their links to dodgy web sites. Enough action here, and one day, maybe no more dodgy web sites.

We can dream, can't we?

>> Top