100 votes

Malware warning?

I posted this in off topic but then realized that not many people would see it so I'm reposting here.

When I came to the Daily Paul this morning to check out the headlines before work, a red google warning page popped up warning of malware on the dailypaul.com and asked if I wanted to proceed. I thought it was strange and thought I should post a heads up that this site is flagged for malware on google.

ADMIN EDIT:

LadyHawke, thanks for bringing this up. However, Google's own diagnostic service shows DP has no malware:

Of the 658 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-05-31, and suspicious content was never found on this site within the past 90 days.

http://www.google.com/safebrowsing/diagnostic?site=www.daily...

We can't speak for what happened on your computer, but a lot of malware tries to pass itself off as Microsoft; it's possible someone is doing the same with Google.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

My desktop version of Safari

My desktop version of Safari gives me a warning on every page on the DP. Can't even use it, basically. The mobile version of Safari has no problems.

To the Admin that edited the post:

Apparently it wasn't just my computer that got the notice, so I'd have to say the problem is more than likely not on my end. When I open any topic, I still get the warning. I just brought it up because it could drive traffic away from the site and I thought that someone that's an admin should be made aware. If you click on the google link, it takes you to Google Safe Browsing diagnostic page where the following message shows up:

Safe Browsing
Diagnostic page for dailypaul.com

What is the current listing status for dailypaul.com?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 665 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-06-01, and the last time suspicious content was found on this site was on 2012-06-01.
This site was hosted on 1 network(s) including AS4323 (TWTC).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, dailypaul.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:
Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Firefox Was Lying

When I first saw the 'Get Me Out Of here' red screen, I was sure there must be something really good on DP today, so I rushed right in as fast I could, dismissing the warnings.
Having an image of ones HDD minimizes the risk factor and makes one bold. For the sake of redundancy I have a matching HDD cloned and ready to insert. I highly recommend everyone who owns and uses a computer to learn how to do at least one of these relatively simple tasks. One more tool in the self sufficiency arsenal.

How it happens -- an explanation

First, the fact that dailypaul.com got labeled as "dragons be here" conveys the inherent dangers of trusting a single source to define where one should be and where one should not be on the internet. Again, what is the problem exactly?

The fact that that the information provided does not tell you exactly why it has been marked "dragons be here" should tell you a lot. Sure, it could be somewhat of an honest mistake -- for example, a dailypaul advertiser decides to push a malware ad to dailypaul and the automated crawler at google picked up the malware ad and erroneously labeled the whole site as "dragons be here".

Then again, the dailypaul advertiser could have done it purposefully. Or it could be something else entirely. The fact is, we don't know because they don't tell us *why* the label was applied.

The flip side of the coin is that if you tell the bad guys what was detected, you have now given them a means to test what you have put into place to prevent them from accomplish their goal. The reality is that they have other ways to test, so the obscurity only hinders real security.

Second, this phrase is actually dangerous in and of itself because it assumes that the digital landscape is and should be like the geo-political landscape where no-fly/no-visit/no-trade zones control who/what/how crosses physical boundaries.

The true, yet to be fully realized, power of the digital landscape is that the only boundaries are the ones we erect. This topic is explored in much greater detail and to better justice elsewhere on the internet.

Go figure

see the Bilderberg list, Google is represented there. Why are we surprised? It is encouraging though. It means that Ron Paul still has a chance.

I call this SLANDER

SUE THEM!

a nod's as good as a wink to a blind bat

I ran Dolphin HD or Mini on Android mobile, Mac Book iOS on...

Safari...all hack attacked.

Except for Opera Mini (with Google mind you) on Android and ironically, the most hacked IE browser (but hacked on supposedly better protected Firefox/Startpage powered by Google) running on reliable XP Pro...all is clear as a whistle.

Android was ran on Look Out and AVG, AVG on iOS while Ad Aware, Malwarebytes and AVG Antiviruses on XP Pro..all is fine.

Go figure.

Firefox users

you may disable the warnings in the Firefox options/preferences by clicking the Security tab, unchecking “Block reported attack sites,” and clicking OK

It's possible someone may

It's possible someone may have injected malicious code onto the website, and then immediately reported it to google so they'd blacklist the website. Even though Google reports that no malicious software was downloaded to any visitors - it doesn't mean it doesn't exist on the server. Some scripts are set up only to "spy" on website activity / visitors and send that information elsewhere.

Either way the websmaster (Michael Nystrom) is the only one who can fix it... I'd advise:

1) Searching for the malicious code first. You can do a mass search for script tags and look for snippets you don't recognize. Or you can simply sort and compare by the last modified dates and see if any files were modified that you know you didn't touch.

2) Remove any malicious code found, and try to find out how it made its way onto the server. The server logs are often very useful for giving you extra information on suspicious activity. You can also beef up the overall security of the Drupal CMS in general (it runs on PHP right? If so check out www.phpfreaks.com/tutorial/php-security)

3) Now you can go into google's developer tools and request a review of your website.

Sorry for the long ramble I'm a web developer and tend to get overly excited about this stuff :)

Startpage (uses proxy for privacy in search) is not...

Google is pathetic; the truth scares these traitors and other reactionaries.

Read the diagnosis - Malware installed by third party!

I've only got the German translation, so my ad hoc translation into English:

"What is the reason for this classification?
Incidental third parties third parties do install malware into legit websites. In this case our warning is announced"

Seems to be a new form of cyber attack on the DP.

Ron Paul was right

This is a "political attack" indeed..try clicking a

Mitt link (gagging, pinching nose) and all is fine...NO HE'S NOT!!

Ok, I've just checked all

Ok, I've just checked all javascript on DP and found no malicious code. Site administration should send a request for de-blacklisting to http://www.stopbadware.org/ ASAP, because it often takes up to 3 days to remove a site from the blacklist.

All the best from a foreign (Russia) Ron Paul follower!

No, Google webmaster tools

"Stopbadware" may very well have been the source in the first place.

If I disappear from a discussion please forgive me. My 24-7 business requires me to split mid-sentence to serve them. I am not ducking out, I will be back later to catch up.

Google Safebrowsing is the

Google Safebrowsing is the only database where DP is listed as a malware site.
https://www.virustotal.com/url/ef1d7fa09ad8950dca09b344b965a...

In firefox, this is built in and enabled by default.

Obviously, a google search will use the same functionality so affect all browsers.

In firefox:
Tools » Options » Security tab, untick the checkboxes for attacks and forgeries.

On your search results page from a Google search:
click on preferences next to search box, then on new page change value
http://www.google.com/preferences

If you have "Customize Google" extension:
you would also want to change your options there as well.

[Source: http://groups.google.com/group/mozilla.support.firefox/browse_thread/thread/9349ec761b03d423]

Are you running Google tool bar?

just curious,I removed mine months ago and refuse to use it anymore.

If I disappear from a discussion please forgive me. My 24-7 business requires me to split mid-sentence to serve them. I am not ducking out, I will be back later to catch up.

Same Problem

Very strange. Made me nervous but clicking on more information shows that there are NO problems. Something is definitely up with this. Hopefully Michael will get to the bottom of it.

Healthnut4freedom

The lip of truth shall be established forever: but a lying tongue is but for a moment...Lying lips are abomination to the LORD: but they that deal truly are His delight. Prov 12:19,22

It could be just some index

It could be just some malware index thing with Firefox (I don't get it, but I'm on Linux...), but I wondered if maybe someone was poisoning the DNS/ARP caches so I'd really like to know if the IP address was correct.

For the people getting the error, would you please try to go here:

http://97.65.137.90

and see if you still get the error?

If so, it looks like we've been malware indexed.

Google Warning

I got an site warning on Firefox and Internet Explorer then the warning went away and seems ok now.

FIREFOX

Does it for me on firefox with or without a using a shortcut...
Reported Attack Page!
This web page at dailypaul.com has been reported as an attack page and has been blocked based on your security preferences.
Attack pages try to install programs that steal private information, use your computer to attack others, or damage your system.Some attack pages intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.

a nod's as good as a wink to a blind bat

Okay..now I'm running good 'ol reliable XP Pro on IE

with Livesearch...no flags, no issues, no nothing.

I tried earlier uninstalling my Dolphin HD on mobile Android..and loaded a clean, leaner Dolphin Mini. Typed "dailypaul" at first search...BAM! "Malware" flag. Ditto on Mac iOS on Safari.

comment

Not saying there is not malware. Using Mac; Safari. Denied connection to safebrowsing.clients.google and now can log in. Do so at your own risk.

Has anyone read the source code?

On the page with the warning they got from here?

If I disappear from a discussion please forgive me. My 24-7 business requires me to split mid-sentence to serve them. I am not ducking out, I will be back later to catch up.

hmm, I just got the same warning too

weird...

firefox said it was a "known

firefox said it was a "known attack site" hahaha give me a break the only thing this site attacks is the status quo lol

Google to blame?

Could it be "coincidence" that Eric Schmidt, Executive Chairman of Google, is attending this weekend's Bilderberg Meeting?

Things that make you go, Hmmmmm?

"We are not human beings having a spiritual experience; we are spiritual beings having a human experience"—Pierre Teilhard de Chardin

Not seeing it here

but last week my laptop got hit with the 'Windows Pro Safety' virus.

Hooked up another computer (clean) and three days later got hit again with 'Windows Antivirus Rampart' virus - identical to the 'WPS' virus.

This time I was ready:
http://malwaretips.com/blogs/how-to-remove-windows-antivirus...

Chrome

Same here guys. Chrome says Malware.