Those trying to reach major websites ranging from The Huffington Post to CNET and using Google’s Chrome browser may be getting blocked, as Chrome puts up a “Danger: Malware Ahead” warning.
I first noticed this last night, when I tried to reach an article at The Huffington Post, and got this warning screen:
The warning said that content from Buddy TV, a “known malware distributor,” had been inserted into the Huffington Post site.
Oh dear. The culprit? A little box at the Huffington Post that pulled in headlines from the Buddy TV website, which Google yesterday considered to be malware. Today, that problem is gone.
NetSeer Claims An “All Clear”
The problem has hit other sites, however, such as CNET. When I visited there today, I got a similar warning, this time calling NetSeer — a contextual advertising provider — a malware pusher.
As it turns out, the main netseer.com domain was infected with malware, though subdomains used to distribute ads were not. Nevertheless, that subdomain got nabbed. As a post on the NetSeer home page current says:
Early this morning we received alerts that our 3rd party hosted corporate website (netseer.com) was hacked and infected with malware. Consequently, Google added our domain to the list of malware affected websites and Chrome and some other browsers started blocking any sites that had ‘netseer.com’ code.
Our ad serving infrastructure is completely different from the corporate website but shares the same domain (netseer.com). So although the malware never impacted the ad serving all our ad serving partners saw Chrome and other browsers flagging malware warnings to users. To reiterate, the malware was never served into ad serving stream and the browser behavior was completely due to ad serving and the corporate website sharing the same domain name.
Our operations team went into all-hands-on-deck mode and we have successfully cleaned the site of the malware. We also worked expeditiously with Google for an expedited review of the site and we are happy to report that as of 9:30am PT Google has removed the site from the malware impacted site-list and the browsing behavior is now restored for all users.
Despite the problem supposedly being solved around 9:30am PT, I still got that warning around 3pm PT. Indeed, ZDNet, in its story about the Chrome malware warnings, notes that the problem may have returned for some sites with NetSeer code.
Publishers Reassure Visitors
The ZDNet article also notes that other sites were hit by this (as does an article at The Atlantic), including the New York Times and The Guardian, which also tweeted about it to reassure readers. Nor was it alone.
A Twitter search for “chrome malware” shows sites ranging from Cult Of Mac to The Los Angeles Times trying to reassure visitors:
Google: Safe Browsing Working Correctly
For its part, Google tells us that “safe browsing is working as intended” and refers publishers back to this 2009 blog post about how to clean-up a site flagged as infected with malware. It didn’t explain why some sites with NetSeer code might still be having warnings appear.