Share this project

Done

Share this project

Done
Get the book, trading cards & more for The Young Protectors—a smart superhero tale featuring a hero who just happens to like other guys
Get the book, trading cards & more for The Young Protectors—a smart superhero tale featuring a hero who just happens to like other guys
2,462 backers pledged $133,640 to help bring this project to life.

A False Malware Warning. <sigh>

Posted by Alex Woolfson (Creator)

So... 

I woke up this morning to a bunch of emails from readers letting me know that Google Chrome was throwing up a huge malware warning to folks visiting my site. After having had a bad experience a number of years ago, I keep very close tabs on my site's security and felt very confident I hadn't been hacked, but I had just added one banner from a new ad network to my site over the weekend and so that was the immediate culprit I suspected.

Sure enough, I found this email in my Inbox just a few emails later from the new ad network (as you can see there's a little personal note to me on top):

Sending this over as your site was effected via the ads.

Towards Alex we literally turned on ads yesterday so no hard feelings if you want to turn them off. This isn't what I meant when I said errors might occur. Otherwise i'll just pay you out of pocket what you normally make until the warning clears.
--
Heya folks, fun morning so far. Woke up to the entire server being compromised, though that part took a few minutes to fix the sites are going to be showing malware warnings for a bit.

I am currently going over the user logs and getting more details on it but we were directly attacked with the only purpose of making all user sites throw up malware warnings. All the sites are clear and google tools can no longer detect malware, though the codes put in place were to make google think the site itself was the malware. We tried removing the ad units 100% but it's still generating on the sites so it has to be waited out.

I do apologize for this, openX isn't the greatest ad system in the world and we took notable cost in patching it up. Though a recent update broke that and I was never notified of it until saturday when we had a light bot attack. The difference between the 2 is one is automated and stupid and the one we experienced today was done by a person knowing what they were doing.

If we can get a proper IP and time log I'm going to call the police, this is a act of sabotage against a commercial business.

For the period the warnings are up i'll cover any loss in revenue myself, and for Questionable Content I'll do the same even though it was just a ad node we put on ya.

The server has been repaired and we have disabled the automatic update so our fixes won't get broken again. We were in the middle of switching to a new platform in the coming months though I will switch over faster after this as it's much more secure. If you have any questions or concerns feel free to email me them. Though I am 100% confident that this is not an actual malware attack or a virus but something more evil. So the users shouldn't be effected past the actual malware warnings themselves.

Thanks,

Joseph Stillwell

Ceo Hivework Comics

So, that's the information I got. As you can see, it's apparently an act of corporate sabotage against the Hiveworks Ad Network with no real malware injected. And sure enough, if you go to the Questionable Content webcomic, you get the same warning in Chrome. So, it doesn't seem like any of my readers were at risk, but there is a big, scary-looking warning if you visit my webcomics site using Chrome.

Even though Hiveworks said they fixed the problem, I have removed their ad from my site. And I've put in a request with Google Webmaster Tools to re-review my site so they can see that there is no malware there and thus remove the big, scary warning. But those familiar with Google's response time with such things have let me know it could take days for them to get around to re-reviewing my site and removing the warning.  (They tend to shoot first and ask questions days later.) Hopefully, not. But might very well be the case.

Obviously, this being the last week of the campaign when things can really start to get cooking for a Kickstarter, this couldn't have happened at a worse time.

Here are the bottom-line bullet points:

  • There is no malware on my sites. There never was.
  • There is a scary warning in Chrome that says there is malware. It is wrong.
  • It's not just me. A huge number of webcomics sites are now showing these false warnings, including hugely popular ones like Questionable Content.
  • It will likely take Google a number of days to remove that warning.

So, that's the situation. Even with Chrome, you can still get to my site by clicking on the "Advanced" button instead of "Go Back". But of course, I'll understand if folks who don't know me don't want to do that. I'll just cross my fingers that this gets taken care of faster than usual by Google and they remove that warning soon. 

I'll let you know if there are any more updates. Thanks, everyone.

Alex

Comments

Only backers can post comments. Log In
    1. feverfew on

      Danish, not that I wouldn't like an excuse to get some more time to reach 100k (and beyond), but I'm not sure if anyone can be convinced that a 619% funded project is doing poorly due to temporary internet nastiness. ;D
      619% !!! Totally crazy! Will things really speed up even more? I mean the voting is quite an incentive to pledge early... I'm very excited to see what's going to happen in the next few days.

    2. DanishWolf on

      Is it possible tp prolong the KS for a few days if this seem to affect the amount of backing happening?

      I've noticed that today has gone pretty slow today compared to the other days. I know there will be days like that in any KS project, it just seems to colide so could be the reason. Hopefully the backing will speed up again in the last few days :)

    3. Hours Left on

      Thanks for the update Alex. Hopefully it will all be sorted out soon.

    4. feverfew on

      Phew, good to know there's no actual malware. I was really worried there'd been damage to your site. Thanks for clarifying.

    5. Alex Woolfson 2-time creator on

      @Mychyl: I'm glad you knew it wasn't me. I'm just worried about all the folks who don't know me at all. Whether they are going to think I'm sketchy or something when they see this false warning. I myself tend to be so cautious about security, gosh know what I would think if I saw that warning going to an new site.

      I'll just cross my fingers that folks are as understanding as you are and that it won't hurt the Kickstarter too much. We'll see....

      And yes! There never was any malware and regardless, I've removed all their ad code from my site.

    6. Mychyl on

      I've been getting these warnings on several of my webcomics today, so I knew it had nothing to do with your site itself.

      Since I use AdBlock, I'm not terribly worried about my own computer, but I'm glad to hear that it was actually harmless /and/ has already been addressed.

    7. Alex Woolfson 2-time creator on

      @Andrew: This actually seems to be hate against the Hiveworks Ad Network, not webcomics, because unlike with the BlindFerret hack, no actual malware was added. Just a link to another site or something that caused Google to THINK there was malware.

      Obviously, this sucks for me but I can imagine it will be absolutely devastating to Hiveworks. I mean, if you're the creator of Questionable Content and your site gets blocked for days because of an ad are you ever going to use that network again? I know it's very unlikely I will....

    8. BrotherFlounder on

      Yikes, that's no fun. Some idiot with too much time really seems to hate webcomics - BlindFerret's servers were hacked twice in the last few months and malware put into the hosted comics' sites. (I think some folks moved from BF to Hiveworks shortly after that, too.)