
Don't Make Your Blog Vulnerable To Strategic Malware

In 2009, Blogger Help Forum: Get Help with an Issue had various reports about blogs mysteriously redirecting to "".

Later that year, and into 2010, we saw new reports mentioning "", then "". When we investigated the redirections, we found people with blogs that used a picturesque animated decoration known as "falling snow" - and later, as Valentine's Day 2010 approached, "falling hearts".

The victimised blog owners, too frequently, admitted to having installed various gadgets provided by helpful non-Blogger website owners. Diagnosing the problem, however, was frequently obscured by claims such as:
"But I installed that gadget months ago!"
In some cases, diagnosed in December 2009 - February 2010, the misbehaving gadgets had been installed as far back as Summer of 2009.

Many misbehaving blog accessories were found available from various non-Blogger websites, from helpful third-party developers.

In Winter 2011 / Spring 2012, we discovered new classes of malware - gadgets being provided using "Add a Gadget", and served from Google-sanctioned, third-party contributed libraries. We had redirectors like "", targeting websites such as "".

We have actually observed four waves of hijack attacks upon Blogger blogs (the above two are the best documented), which appear to provide commercial or financial reward to the hackers maintaining the malicious and misbehaving gadgets. Some websites served from the "" redirection were found to be serving very deviously packaged malware - that helped to enslave various reader computers, as botnet members.

This year, we're observing more victims, who have installed gadgets from "", and "" - with redirectors such as "". We also see problem reports from owners of blogs with NeoCounter and other NeoWorx products - and similar complaints from readers of the blogs.

When advised to remove identified gadgets, many blog owners again complain:
"I installed that gadget months ago, and it's been working just fine! Surely, that is not my problem!!"
But based on the other problem reports - and later by the admission of the blog owners - the gadgets removed will prove to be the source of the problem.

The lessons from all of this? You need to be very selective about where you get accessories and advice - and you need to accept skeptically - if at all - the casual evaluation:
"It's working fine today, after I installed it last month - so it must be a good gadget! Now, I can recommend it to my friends!!"
If it seems too good to be true, it probably is.

You get readers from informative, interesting, and unique content - not from free content and shiny gadgets.
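
One way to check what a blog actually loads, as an added example that is not part of the original post: the script below inventories a saved copy of a blog page, listing every script, iframe, embed or object fetched from a host outside an owner-chosen allowlist, and flags inline redirect code and meta refresh tags. It assumes gadgets are embedded as ordinary HTML/JavaScript markup; the allowlist, the sample page and all host names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical allowlist: hosts this blog owner has chosen to trust.
TRUSTED = {"blogger.com", "myblog.example"}
# Inline script that assigns to the page location (the redirect symptom).
REDIRECT_RE = re.compile(r"location\s*(?:\.href\s*)?=[^=]|location\.(?:replace|assign)\s*\(")
LOADERS = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}  # tag -> URL attribute

# Constructed sample of a saved blog page; every host below is made up.
SAMPLE = """<html><head>
<script src="https://www.blogger.com/static/widgets.js"></script>
<script src="//cdn.snow-widget.invalid/falling-snow.js"></script>
</head><body>
<iframe src="http://counter.invalid/c?id=1"></iframe>
<script>if (document.referrer) { window.location.href = "http://landing.invalid/"; }</script>
</body></html>"""

class GadgetAudit(HTMLParser):
    def __init__(self, trusted):
        super().__init__()
        self.trusted, self.findings, self.in_script = trusted, [], False

    def handle_starttag(self, tag, attrs):
        a, line = dict(attrs), self.getpos()[0]
        self.in_script = tag == "script" and "src" not in a  # inline script body follows
        # Relative URLs have no hostname and count as same-origin.
        host = urlparse(a.get(LOADERS.get(tag, "")) or "").hostname
        if host and not any(host == t or host.endswith("." + t) for t in self.trusted):
            self.findings.append((line, "untrusted-" + tag, host))
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            self.findings.append((line, "meta-refresh", a.get("content") or ""))

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script and REDIRECT_RE.search(data):
            self.findings.append((self.getpos()[0], "inline-redirect", data.strip()[:60]))

def audit(html, trusted=TRUSTED):
    """Return (line, kind, detail) for each remote load or redirect needing review."""
    parser = GadgetAudit(trusted)
    parser.feed(html)
    parser.close()
    return parser.findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A clean report only describes the page as saved: a gadget served from someone else's host can change later, so the inventory is worth re-running periodically and after every gadget install.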


Renee Ondrajka said…
This was very helpful. I appreciate the advice. I also removed my pin gadget, but it seems that my pictures still have it on there. What could be the reason? I still want my pics to be able to be pinned, but I thought removing the gadget would make that no longer possible. Thanks for any advice.
Chuck Croll said…
Hi Renee,

Thanks for asking the question.

IIRC, your blog has three Pinterest gadgets. You only need one. And if they are from "", they can be trusted. But you should only have one.
