It is not unusual for malware attacks to take place against digital newspapers, blogs and the like. More times than not in these rare situations, publishers are left scrambling to figure out the culprit and that dreaded red warning now being seen by millions of their dedicated viewers. Yet, the site reflects no hosting of malware – scouring their domain files, publishers and their frustrated IT staff try to pinpoint this unseen nightmare. Then it all comes to a head – publishers and blog owners are not at fault, instead it stemmed from an affiliated party associated with the site. A partnership that has been seamless and friendly, suddenly goes awry when one side of that partnership becomes a target for hacking.
Forums filled up across the internet with desperate website owners seeking answers to a fruitful weekend, suddenly gone to hell. E-mails from dedicated subscribers filled their inbox inquiring about the raging red warning appearing on the landing page. Websites partnered with MadAdsMedia were dosed with a ice cold bucket of malware. The company immediately left a bulletin advising one of their “ad servicing locations” had been the target of a hack. Engineers for the company scrambled to locate the culprit and provide the next steps for frustrated publishers.
The Media giant stated the malware effected approximately eight percent of their publishing clients and provided steps to Google’s Webmaster blog to request clearance. Users of Chrome identified the warning, whereas viewers on Internet Explorer had no issues accessing the site. Guardian Liberty Voice (GLV) sprung into action and called several emergency meetings to immediately address the issue.
FTP files were scanned, the database was reviewed and additional security implementations were used. Once the site received an all-clear, a notice was dispatched to Google for a review. Within a few short hours, GLV was one of the first sites to become active again, cleared of any connection to the malware attack.
Malware attacks are nothing new – commonly hackers will find a vulnerability and hack it. No security measure is ever 100 percent, the advancement of technology can guarantee that. Security measures are something GLV does not take lightly or cheaply. Within three to four hours following the non-affiliated attack, the site was clear and approved wholly by Google as acceptable for media news distribution.
In 2009, over 40,000 websites were encompassed under a Javascript rogue code hack, leading viewers to download a trojan masked as a fix-it. Luckily, the malware that hit hundreds of sites this past weekend did not endure steps of that severity. Yahoo! recently experienced an ad malware attack as well, which rerouted visitors to rogue sites to exploit and glean vulnerabilities. GLV is happy to report not one reader was redirected to a rogue site, deflecting the chances of any users becoming effected.
GLV places security measures as a number one responsibility, this is something that is repeated as an embedded mantra. Unfortunately, this digital print joined hundreds if not thousands of other websites this past weekend due to an affiliated partner issue. MadAdsMedia immediately owned the situation and reached out to their publishers, acknowledging their elite publishers, by offering their solemn apologies. The domain that was attacked is not affiliated with GLV and has been recognized for further review by the Media company. GLV has been reported and approved by Google Webmasters as a cleared website, with no affiliation to hosting malicious software. GLV will also work to every degree possible to keep it that way.
Angelina Bouc
Deputy Managing Editor
Technology
Related stories:
