Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

Google Adwords Reporting Malicious Content Rate Topic   - - - - -

 
  • carterj
  • Junior Member
  • Members
  • Join Date: 11-May 09
  • 103 posts

Posted 14 December 2014 - 11:30 PM #1

A week after upgrading to 4.2.4, Google Adwords is reporting that my site has malware or malicious content, indicating it will be blocked if not corrected. I checked out my webmaster tools, webstats, and file/folder permissions, etc... Everything is checking out ok from what I can see. No crawl errors, data feeds check out, no redirects outside my site.. I'm at a loss.

Has anyone else got similar message since the recent upgrade??

Using CS-CART 4.11.x


 
  • johnbol1
  • Never Re
  • Members
  • Join Date: 23-Feb 10
  • 4739 posts

Posted 14 December 2014 - 11:49 PM #2

Have a quick check at securi site check and also avg threat labs or other site malware scanners and then if no results found get back in touch with adwords to manually review

John

Custom printed hi visibility clothing sale the UK's online hivis safety shop
v4.5.2


 
  • clips
  • Aged Resident Loon
  • Members
  • Join Date: 14-Jan 07
  • 1650 posts

Posted 15 December 2014 - 02:47 AM #3

I'm not so sure it has anything to do with upgrading to version 4.2.4, we just got an email from Google too on a site that has 4.2.3. From what I can see the malware actually appears to be coming from Searchanise. We turned it back on with this site a few months ago when we could not get an add on from someone to work. Even though it was not our site direct, according to Google's site even though the malware is on Searchanise, our site is showing results from Searchanise. It also seems to show that, so far, our site has NOT "resulted in malicious software being downloaded and installed without user consent".

I'm not for sure if the following link will stay visable, but here is what the Searchanise JS says on Googles's Safe browsing.
http://www.google.co...ts/v1.0/init.js

I have attached various images to support what I have found so far.

We have turned off Searchanise. We have not submitted to Google to look at again because we are still researching.

Attached Thumbnails

  • searchanise malware image 1.jpg
  • searchanise malware image 2.jpg
  • searchanise malware initjs file.jpg
  • searchanise malware stopbadware clearing house.jpg

Regards,
Jim

 
  • clips
  • Aged Resident Loon
  • Members
  • Join Date: 14-Jan 07
  • 1650 posts

Posted 15 December 2014 - 03:03 AM #4

Here is what Securi Site and AVG found. I'm still unsure if the malware is on the searchnise site or if searchanise is just on the server that has this "soak soak" malware. So far if I turn off and uninstall searchnise none of the sites say my site is infected any longer.

Attached Thumbnails

  • searchanise.com _ Website Safety Report & Reviews For searchanise.jpg
  • Sucuri SiteCheck - Free Website Malware Scanner.jpg

Regards,
Jim

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11489 posts

Posted 15 December 2014 - 03:50 AM #5

I would guess from the messages that if cs-cart turns off SSLV3 on Searchenize site (like they should have months ago) that the detected problems will go away.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.


 
  • clips
  • Aged Resident Loon
  • Members
  • Join Date: 14-Jan 07
  • 1650 posts

Posted 15 December 2014 - 04:09 AM #6

Looks like they have an older version of Wordpress too, plus Google did say they had "suspicious activity" 1 time in the last 90 days. Guess that could be the SSLv3.
Regards,
Jim

 
  • Chaoswar
  • Member
  • Trial users
  • Join Date: 10-Sep 13
  • 18 posts

Posted 15 December 2014 - 04:31 AM #7

Google Adwords detected searchanise as malicious!

Anyone Help?
what should i do? just stop the add on?

Posted Image

Posted Image

 
  • carterj
  • Junior Member
  • Members
  • Join Date: 11-May 09
  • 103 posts

Posted 15 December 2014 - 04:39 AM #8

It took 3 scans for Securi and AVG to detect this on my site... interesting.. Anycase I disabled and uninstalled searchanise for now. :-( Scans showing clean now, but still researching for other "external calls" myself too just in case.

What I don't know yet is if google will still block our sites if disabled / uninstalled since their is still reference to searchandise code, DB, and files. I'm going to contact them to find out and will post findings, unless someone else posts the answer.

Using CS-CART 4.11.x


 
  • carterj
  • Junior Member
  • Members
  • Join Date: 11-May 09
  • 103 posts

Posted 15 December 2014 - 05:02 AM #9

Looks like the searchanise team is aware of the issue, indicating their site was hacked and have resolved the problems. They indicated to disable the add-on so google doesn't blacklist our sites... kind of too late for that.. at least for the few of us so far.

Information was posted on their twitter feed slightly after the posts here.

Adwords support indicated that I would need to submit my site for review, either with the addon-on removed or to wait until the referring site in question has been updated reviewed and off the blacklist. They could not answer if their scan would detect unused code to the affected site even though no active links are enabled.

Guess we will find out in 24 hours.

Using CS-CART 4.11.x


 
  • eComLabs
  • CS-Cart Expert
  • Authorized Reseller
  • Join Date: 27-Jan 14
  • 20241 posts

Posted 15 December 2014 - 10:06 AM #10

Please check details here:

https://twitter.com/searchanise
GET A FREE QUOTE | CS-Cart Add-ons | CS-Cart Licenses | CS-Cart Development | CS-Cart Design | Server Configuration | UniTheme and YOUPI
CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 
  • alex-pro
  • Advanced Member
  • Trial users
  • Join Date: 07-Nov 13
  • 95 posts

Posted 15 December 2014 - 01:47 PM #11

Incident Resolved  Searchanise Site Hacked, Blacklisted by Google.png

 
  • clips
  • Aged Resident Loon
  • Members
  • Join Date: 14-Jan 07
  • 1650 posts

Posted 15 December 2014 - 03:13 PM #12

We got the same email from Seachanise acknowledging the malware. Speed issues and now malware. Hmmm. Bummer.

I already questioned Searchanise because of how much it slowed down the site and this makes me question it more. I just do not know if I want to use software linked to 3rd party sites like this. Especially if I'm going to get my hands slapped less than 2 weeks before Christmas!

We have seen hacking problems twice this year now and sadly both originated somehow from CS-Cart. I know that no one is immune from these stupid hackers, but I really must question if CS-Cart is doing enough to help keep us safe.
Regards,
Jim

 
  • Lazy
  • Member
  • Members
  • Join Date: 06-Oct 08
  • 78 posts

Posted 16 December 2014 - 02:29 PM #13

Yeah way to go CS Cart

as someone already pointed out 2 weeks prior to Christmas and our ad words account has been suspended for 48 hours. We were going to upgrade to the PRO version in the new year no chance of that happening now.

What person thought it would be a good idea to host the tool on the same domain as the sales site ?

As the tweet stated


Posted Image Searchanise @searchanise · Dec 14
IMPORTANT: Our site has been hacked, and Google blacklisted the whole domain, so Searchanise is currently blacklisted.

Would have been a great idea to host the tool on another domain. 48 hours of ad words generated business now lost due to someone's lack of forward thinking.

Happy Christmas CS Cart :(