Google Adwords Reporting Malicious Content

A week after upgrading to 4.2.4, Google Adwords is reporting that my site has malware or malicious content, indicating it will be blocked if not corrected. I checked out my webmaster tools, webstats, and file/folder permissions, etc… Everything is checking out ok from what I can see. No crawl errors, data feeds check out, no redirects outside my site… I’m at a loss.



Has anyone else got similar message since the recent upgrade??

Have a quick check at securi site check and also avg threat labs or other site malware scanners and then if no results found get back in touch with adwords to manually review



John

I'm not so sure it has anything to do with upgrading to version 4.2.4, we just got an email from Google too on a site that has 4.2.3. From what I can see the malware actually appears to be coming from Searchanise. We turned it back on with this site a few months ago when we could not get an add on from someone to work. Even though it was not our site direct, according to Google's site even though the malware is on Searchanise, our site is showing results from Searchanise. It also seems to show that, so far, our site has NOT “resulted in malicious software being downloaded and installed without user consent”.



I'm not for sure if the following link will stay visable, but here is what the Searchanise JS says on Googles's Safe browsing.

http://www.google.co…ts/v1.0/init.js



I have attached various images to support what I have found so far.



We have turned off Searchanise. We have not submitted to Google to look at again because we are still researching.

searchanise malware image 1.jpg

searchanise malware image 2.jpg

searchanise malware initjs file.jpg

searchanise malware stopbadware clearing house.jpg

Here is what Securi Site and AVG found. I'm still unsure if the malware is on the searchnise site or if searchanise is just on the server that has this “soak soak” malware. So far if I turn off and uninstall searchnise none of the sites say my site is infected any longer.

searchanise.com _ Website Safety Report & Reviews For searchanise.jpg

Sucuri SiteCheck - Free Website Malware Scanner.jpg

I would guess from the messages that if cs-cart turns off SSLV3 on Searchenize site (like they should have months ago) that the detected problems will go away.

Looks like they have an older version of Wordpress too, plus Google did say they had “suspicious activity” 1 time in the last 90 days. Guess that could be the SSLv3.

[size=5][font=lucida sans unicode,lucida grande,sans-serif]Google Adwords detected searchanise as malicious! [/font][/size]



[size=4][font=lucida sans unicode,lucida grande,sans-serif]Anyone Help? [/font][/size]

[size=4][font=lucida sans unicode,lucida grande,sans-serif]what should i do? just stop the add on?[/font][/size]







It took 3 scans for Securi and AVG to detect this on my site… interesting… Anycase I disabled and uninstalled searchanise for now. :-( Scans showing clean now, but still researching for other “external calls” myself too just in case.



What I don’t know yet is if google will still block our sites if disabled / uninstalled since their is still reference to searchandise code, DB, and files. I’m going to contact them to find out and will post findings, unless someone else posts the answer.

Looks like the searchanise team is aware of the issue, indicating their site was hacked and have resolved the problems. They indicated to disable the add-on so google doesn't blacklist our sites… kind of too late for that… at least for the few of us so far.



Information was posted on their twitter feed slightly after the posts here.



Adwords support indicated that I would need to submit my site for review, either with the addon-on removed or to wait until the referring site in question has been updated reviewed and off the blacklist. They could not answer if their scan would detect unused code to the affected site even though no active links are enabled.



Guess we will find out in 24 hours.

Please check details here:



https://twitter.com/searchanise

[attachment=8870:Incident Resolved Searchanise Site Hacked, Blacklisted by Google.png]

Incident Resolved Searchanise Site Hacked, Blacklisted by Google.png

We got the same email from Seachanise acknowledging the malware. Speed issues and now malware. Hmmm. Bummer.



I already questioned Searchanise because of how much it slowed down the site and this makes me question it more. I just do not know if I want to use software linked to 3rd party sites like this. Especially if I'm going to get my hands slapped less than 2 weeks before Christmas!



We have seen hacking problems twice this year now and sadly both originated somehow from CS-Cart. I know that no one is immune from these stupid hackers, but I really must question if CS-Cart is doing enough to help keep us safe.

Yeah way to go CS Cart



as someone already pointed out 2 weeks prior to Christmas and our ad words account has been suspended for 48 hours. We were going to upgrade to the PRO version in the new year no chance of that happening now.



What person thought it would be a good idea to host the tool on the same domain as the sales site ?



As the tweet stated





Searchanise @searchanise · Dec 14

IMPORTANT: Our site has been hacked, and Google blacklisted the whole domain, so Searchanise is currently blacklisted.



Would have been a great idea to host the tool on another domain. 48 hours of ad words generated business now lost due to someone’s lack of forward thinking.



Happy Christmas CS Cart :(