An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Saturday, April 25, 2015

Don't Accept Advice Or Code From Hackers

We're lately seeing a few problem reports, in Blogger Help Forum: Get Help with an Issue, from owners of blogs now locked as malware / spam hosts.
My blog was deleted because it is marked as spam. I never spammed so why my blog has been confirmed as a Spam Host?
This blog owner appears to have simply accepted advice from the wrong person.

Using The Internet Archive (aka "Wayback Machine") we can sometimes find cached copies of blogs, even after deleted as suspected malware / spam hosts. In one case, though, viewing the blog was not possible - even having found a copy of the blog, in cache.

In some cases, simply finding a cached copy of a deleted blog may not guarantee its review - let alone its being restored.

In one case, the blog was visible, when the cache link was clicked - for 2 seconds. Then, the display went white. No blog content was visible.

Viewing the blog, in code ("text") mode, showed a fully published blog page. Scrolling through the code, the problem was discovered. Large blocks of custom JavaScript code, bearing shiny labels like "FlexSlider", "hoverIntent", and "Superfish", were found.

Chances are. the blog owner installed the code simply hoping to make the blog more attractive / interesting, to the reader population. Unfortunately, the shiny code had a different effect.

The blog is now broken, and can't be viewed. In order to be reviewed, and returned to the owner so the unnecessary code can be fixed or removed, the blog has to be examined, by security experts. But, it can't be viewed, because it's broken. Lather, rinse, repeat.

The owner accepted advice and code from a hacker - and has broken the blog. This is yet one more case of unwise installation of unsafe code. It's probably not intentionally malicious - but the Blogger malware / spam classification process can't determine intent - just result. So, the blog was righteously deleted.

As a blog owner, you must be selective of what advice - and accessories - you accept, when maintaining your blog. The blog you save may be your own.

Dude, hit me with a comment!