An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Saturday, February 07, 2015

Don't Make Your Blog Vulnerable To Strategic Malware

In 2009, Blogger Help Forum: Get Help with an Issue had various reports about blogs mysteriously redirecting to "blogoholic.info".

Later that year, and into 2010, we saw new reports mentioning "smashingfeeds.com", then "sendptp.com". When we investigated the redirections, we found people with blogs that used a picturesque animated decoration known as "falling snow" - and later, as Valentines Day 2010 approached, "falling hearts".

The victimised blog owners, too frequently, admitted to having installed various gadgets provided by helpful non Blogger website owners. Diagnosing the problem, however, was frequently obscured by the claims.
But I installed that gadget months ago!
In some cases, diagnosed in December 2009 - February 2010, the misbehaving gadgets had been installed as far back as Summer of 2009.

Many misbehaving blog accessories were found available from various non Blogger websites, from helpful third party developers.

In Winter 2011 / Spring 2012, we discovered new classes of malware - gadgets being provided using "Add a Gadget", and served from Google sanctioned third party contributed libraries. We had redirectors like "pagesinxt.com", targeting websites such as "ripway.com".

We have actually observed four waves of hijack attacks upon Blogger blogs (the above two are the best documented), which appear to provide commercial or financial reward to the hackers maintaining the malicious and misbehaving gadgets. Some websites served from the "pagesinxt.com" redirection were found to be serving very deviously packaged malware - that helped to enslave various reader computers, as botnet members.

This year, we're observing more victims, who have installed gadgets from "blog-hit-counters.com", and "free-blog-content.com" - with redirectors such as "searchingresult.com". We also see problem reports from owners of blogs with NeoCounter and other NeoWorx products - and similar complaints from readers of the blogs.

When advised to remove identified gadgets, many blog owners again complain.
I installed that gadget months ago, and it's been working just fine! Surely, that is not my problem!!
But based on the other problem reports - and later by the admission of the blog owners - the gadgets removed will prove to be the source of the problem.

The lessons from all of this? You need to be very selective about where you get accessories and advice - and you need to accept skeptically - if at all - the casual evaluation.
It's working fine today, after I installed it last month - so it must be a good gadget! Now, I can recommend it to my friends!!
If it seems too good to be true, it probably is.

You get readers from informative, interesting, and unique content - not from free content and shiny gadgets.

Dude, hit me with a comment!

Renee Ondrajka said...

This was very helpful. I appreciate the advice. I also removed my pin gadget, but it seems that my pictures still have it on there. What could be the reason? I still want my pics to be able to be pinned, but I thought removing the gadget would make that no longer possible. Thanks for any advice. www.stampinwithrenee.blogspot.com.

Chuck Croll said...

Hi Renee,

Thanks for asking the question.

IIRC, your blog has three Pinterest gadgets. You only need one. And if they are from "assets.pinterest.com", they can be trusted. But you should only have one.