Link Fabulous - I Have To Pull Our Trade

Greenguy · 2008-07-29, 05:05 PM

I know we have category trades in place that I made with the previous owner, but my Google Desktop is telling me that you've been naughty:

Warning - visiting this web site may harm your computer! - the page you are about to visit may be a web forgery!
You can learn more about malware and how to protect yourself at StopBadware.org. This page is very likely to have been designed to trick users into sharing personal or financial information. Entering any personal information on this page may result in identity theft or other fraud.

You can read more about phishing here antiphishing.org.

Or you can continue to http://link-fabulous.com/Interracial...racial_L96257/ at your own risk.

You can also turn off safe browsing warnings by going to Google Desktop preferences.

I'm going to have to pull our trade - sorry

plateman · 2008-07-29, 05:30 PM

I am pulling links also, I dont know the owner and as far as that goes, is good enough for me to pull links

cd34 · 2008-07-29, 06:22 PM

Having looked at his pages expecting to see something that two clients were recently nailed with, there are two possibilities.

1) he already found it, removed it, submitted his request in webmaster-tools for reinclusion and it hasn't been processed yet (takes about 24-48 hours)

or

2) a particular counter on there loading through javascript has been compromised or is sending out exploits. The only code on each of the pages that I see that appears consistent is the sextracker counter.

However, on the page you showed, I see nothing suspicious -- almost pointing at case #1 since there is no counter code.

He is using adcycle, which could have rotated in a bad banner, but, based on the number of links in google that are flagged, I'm still leaning towards #1.

I don't know the guy, but, figured the data point might at least help someone out that may have been hit and is trying to clean the mess up. Or, maybe noticed the problem, but, not the google issue.

I had a client that had over 19000 files modified through a compromised FTP account over a period of 45 days. We changed the password, cleaned things up, he changed the password back to what it was (doh!), and in the middle of the night, another 9400 pages were modified.

Might give the benefit of the doubt, perhaps someone can contact him, but, this type of attack appears to be more common and much more noticeable as people move to Firefox 3 which complains quite loudly when visiting exploited sites.

SheepGuy · 2008-07-29, 07:06 PM

The same thing happened to me a few months back.
What caused it was a weak FTP password on my end that allowed some scumbag to access my sever and insert a string of malicious java-script. Google noticed it before I did unfortunately.
Luckily I noticed it shortly after and though it took almost 2 weeks to fix it with the google gang and get the warning removed, the only other people who noticed are buddies and they let me know.
It shouldn't have taken that long to get google fixed up, but like an idiot I just removed the malicious code, didn't change my password, and asked google to take another look.
They did, and the code was back.
I removed the code again and since I've changed all of my passwords to alphanumeric strings of gibberish I haven't had any problems.
I would cut this guy some slack, it's very likely not something he did on purpose.

plateman · 2008-07-29, 07:11 PM

yeah I'll hold off, I just can't take any chances with my site getting a pen.

AndyS · 2008-07-30, 02:47 AM

Something similar happened on a TGP of mine, I only noticed when a huge percentage of google traffic disappeared.

Basically I was told it was because of somewhere I was linking to but that was all, so I removed the sextracker counter and a few other links I found. I resubmitted it and within a couple days it was all back and the warning gone.

Greenguy · 2008-07-30, 09:03 AM

I heard that sometimes this happens when your site has a toolbar that is listed as malware.

plateman · 2008-08-05, 10:37 PM

any verdict there is still a warning

call me a link dropper but I just got done pulling links and I also got hit with a penality this last update, I am not ever ever taking anymore chances, when the warning goes away I will put the links back up

2008-07-29, 05:30 PM	#2
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	I am pulling links also, I dont know the owner and as far as that goes, is good enough for me to pull links __________________ Submit to: Porn O Plenty XXX Links Reality Here

2008-07-29, 06:22 PM	#3
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	Having looked at his pages expecting to see something that two clients were recently nailed with, there are two possibilities. 1) he already found it, removed it, submitted his request in webmaster-tools for reinclusion and it hasn't been processed yet (takes about 24-48 hours) or 2) a particular counter on there loading through javascript has been compromised or is sending out exploits. The only code on each of the pages that I see that appears consistent is the sextracker counter. However, on the page you showed, I see nothing suspicious -- almost pointing at case #1 since there is no counter code. He is using adcycle, which could have rotated in a bad banner, but, based on the number of links in google that are flagged, I'm still leaning towards #1. I don't know the guy, but, figured the data point might at least help someone out that may have been hit and is trying to clean the mess up. Or, maybe noticed the problem, but, not the google issue. I had a client that had over 19000 files modified through a compromised FTP account over a period of 45 days. We changed the password, cleaned things up, he changed the password back to what it was (doh!), and in the middle of the night, another 9400 pages were modified. Might give the benefit of the doubt, perhaps someone can contact him, but, this type of attack appears to be more common and much more noticeable as people move to Firefox 3 which complains quite loudly when visiting exploited sites. __________________ SnapReplay.com a different way to share photos - iPhone & Android

2008-07-29, 07:06 PM	#4
SheepGuy It's the end of the world as we know it, and I feel fine Join Date: Jul 2006 Location: Canada Posts: 2,527	The same thing happened to me a few months back. What caused it was a weak FTP password on my end that allowed some scumbag to access my sever and insert a string of malicious java-script. Google noticed it before I did unfortunately. Luckily I noticed it shortly after and though it took almost 2 weeks to fix it with the google gang and get the warning removed, the only other people who noticed are buddies and they let me know. It shouldn't have taken that long to get google fixed up, but like an idiot I just removed the malicious code, didn't change my password, and asked google to take another look. They did, and the code was back. I removed the code again and since I've changed all of my passwords to alphanumeric strings of gibberish I haven't had any problems. I would cut this guy some slack, it's very likely not something he did on purpose. __________________ If the Environment was a bank, they would have saved it by now. Last edited by SheepGuy; 2008-07-29 at 07:11 PM..

2008-07-29, 07:11 PM	#5
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	yeah I'll hold off, I just can't take any chances with my site getting a pen. __________________ Submit to: Porn O Plenty XXX Links Reality Here

2008-07-30, 02:47 AM	#6
AndyS They have the Internet on computers, now? Join Date: Nov 2003 Posts: 144	Something similar happened on a TGP of mine, I only noticed when a huge percentage of google traffic disappeared. Basically I was told it was because of somewhere I was linking to but that was all, so I removed the sextracker counter and a few other links I found. I resubmitted it and within a couple days it was all back and the warning gone. __________________ Get Oral Free Sites Traffic - http://www.1storal.com

2008-07-30, 09:03 AM	#7
Greenguy The Original Greenguy (Est'd 1996) & AVN HOF Member - I Crop Pics For Thumbs In My Sleep Join Date: Feb 2003 Location: Blasdell, NY (shithole suburb south of Buffalo) Posts: 41,929	I heard that sometimes this happens when your site has a toolbar that is listed as malware. __________________ Promote POV Porn Cash By Building & Submitting Galleries to the Porn Luv Network

2008-08-05, 10:37 PM	#8
plateman What can I do - I was born this way LOL Join Date: Oct 2003 Location: ohio Posts: 3,086	any verdict there is still a warning call me a link dropper but I just got done pulling links and I also got hit with a penality this last update, I am not ever ever taking anymore chances, when the warning goes away I will put the links back up __________________ Submit to: Porn O Plenty XXX Links Reality Here Last edited by plateman; 2008-08-05 at 10:52 PM..