Eating Google humble pie
Today, I am eating Google humble pie, because it was right about malware on Autocade. Therefore: thank you, Google. (Iām not so petty as to not thank them for when they get things right.)
Since Google had cried wolf over this blog, which has never had malware issues, I had to question it. Nevertheless, Iām sure most people would agree that itās better to be safe than sorry.
We originally suspected it was one ad network. This is also based on past behaviour, when one of our networks got suckered in to hosting an ad twice in 2007 that turned out to be a trojan. So we began limiting the creatives that could be shown on our sites.
When that didnāt work, we had to keep looking.
We traced the malware from Autocade back to OpenX, which weāve now removed from our server. There is an upgraded version which weāll look at, as we need this program, but for now, Iād rather lose a few dollars than subject innocent users to malware.
Itās a shame there does not seem to be much action over at OpenX. Itās a really good program but the forums donāt seem to have too many staff present there. However, I know we were not alone.
For once, Iām glad Autocade is not a hugely popular site, but itās still disturbing that this happenedāand, as I understand it, Gawker and Gizmodo were affected, too.
The site acting as the malware intermediary is clickme199.ipq.co, which has been allowed to remain online. Whois gives ipq.coās location in the UK.
Luckily, our other sites were unaffected, in that no malware was sent down the line. But as a precaution, we removed all OpenX code from our sites.
Itās been a big weekend for computer problems, with one machine down due to a trojan and our ad-serving program sending malware. Plesk (the server administrator) also reported that we sent out 61 Tbyte of data this monthāand weāre only paying for 100 Gbyte. That was also scary, till I was told by Rackspace that thatās down to a bug. So weāve had to upgrade Plesk as wellāprobably not a bad thing.
Not exactly the catch-up weekend that I envisaged, but at least we made some progress. The damaged computer is almost back to normal, too.