Tuesday, October 28, 2008

Doubting to Shhh.... What the hell?

What is the current listing status for toshuo.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 154 pages we tested on the site over the past 90 days, 77 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2008-10-27, and the last time suspicious content was found on this site was on 2008-10-27.

Malicious software includes 76 trojan(s), 1 adware(s). Successful infection resulted in an average of 2 new processes on the target machine.

Malicious software is hosted on 3 domain(s), including rapidantivirus.com, internetprosecurity.com, 193.142.244.0.

3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including soft-traff6.com, onlinedetect.com, allradiohits.com.


I don't have Mark's e-mail address, so maybe somebody could drop him a line and let him know about this?

4 comments:

Mark said...

Thanks, Carl. It looks like my Chinese blog got compromised since I haven't updated WP since version 2.0.

I've since updated it and cleaned out the junk that the attack installed, but it will take a while for that message to go away.

Spencer said...

I had a site report the same thing. It was due to a SQL injection. Your update to WP 2.6.2 should help clear all of this, but you also might want to register the page for Google indexing.
Usually it is because your plugins aren't secure. I no longer use any plugins that aren't absolutely necessary because the people that write those don't always write it with proper SQL injection protection.

Karl said...

You said "injection protection"... heh heh heh huh huh.

Spencer said...

:)