Site Feedback Open forum for discussion of this site. Post your kudos or criticism so that we can continually improve service to the new MINI community.

Reported attack

  #76  
Old 10-13-2010, 05:39 PM
burley
6th Gear
iTrader: (4)
Join Date: Jul 2007
Location: Chicago/NE Iowa
Posts: 1,840
Received 69 Likes on 53 Posts
Originally Posted by daflake
There is already a thread on this...

https://www.northamericanmotoring.co...ed-attack.html

If you have IE you will not get an error. Why? Because Microsoft does not use this service. Thus they let you drive right to the site that could possibly infect your PC. FF and Safari users are warned which is what you are seeing. According to Drew (moderator) they have corrected the problem and are waiting for Google to remove them from the blacklist.
What exactly was the issue?! Were we at risk?
 
  #77  
Old 10-13-2010, 06:19 PM
MLPearson79
OVERDRIVE
iTrader: (4)
Join Date: Aug 2006
Location: Terre Haute, IN
Posts: 7,746
Likes: 0
Received 10 Likes on 2 Posts
Unfortunately Google is not nearly as fast to delist as they are to block. It has been resubmitted to them; there is nothing we can do to speed up them removing the block. Coming here to demand explanations and timelines isn't helping anyone - we honestly don't know how long it will be. They *told* us 24 hours, on Sunday. Even though the issue itself has been resolved, the warnings will continue until Google gets off their tail and removes the block.

In the meantime, of course I would not advise you to lower your security settings just to view this site. Evaluate your priorities and go from there. As much as we love you all, none of us would die from a few days away from NAM. It's not as if we are intentionally having the site blocked, or as if anyone here at NAM did something to put anyone at risk. The internet is a big network and sometimes a little guilt by association causes problems, just like IRL.
 

Last edited by MLPearson79; 10-14-2010 at 08:32 PM.
  #78  
Old 10-13-2010, 09:38 PM
fishbert
6th Gear
Join Date: Jul 2008
Location: Ohio
Posts: 1,174
Received 13 Likes on 8 Posts
So, in other words, all this talk about platform software hacks and scripting exploits is bunk. Right?

Thanks for the info about the bad link; it's good to know, and I think serves as adequate explanation for us concerned users who were asking for one.
 
  #79  
Old 10-14-2010, 05:32 AM
JumpingJackFlash
6th Gear
Join Date: Apr 2009
Location: Yorktown, VA
Posts: 1,361
Likes: 0
Received 4 Likes on 4 Posts
Just wanted to say I appreciate the admin's efforts in getting rid of the problem that Google has flagged the site for. I do find it rather silly they flagged this forum because someone simply linked to another site that was blacklisted. Just curious if Google sent a warning beforehand. Not doing so is rather discouraging.

One thing that might help is using one of the sites that provides a seal of trust to encourage the effort to make sure it's safe. You link your site to theirs by putting up a "trust seal." The one I use for my personal site is http://freetrustseal.com/. It's free, but I sent them a donation for their efforts. There are several other paid services on the market, to include McAfee Trust Seal and Trust Guard.
 
  #80  
Old 10-14-2010, 05:37 AM
Xeraux
4th Gear
iTrader: (1)
Join Date: Dec 2009
Location: Atlanta, Georgia
Posts: 404
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by daflake
Don't snap at me because I responded to your poorly written post. It was very clear what you said. Next time read what you write before you post it.

As for the rest, I never said that they owed us an explanation but it would be nice to know what is going on as people's computers might be infected. Do they owe us a play by play? No, but they do need to tell us what exactly users might be facing and let them know if there is a possibility that their machines need some TLC.
No, no. I understand. I need to be very, very specific to avoid confusing you.

If there was something very malicious I'm confident they would have shut the site down until it could be sorted out.
 
  #81  
Old 10-14-2010, 08:40 AM
ZippyNH
6th Gear
iTrader: (1)
Join Date: Sep 2009
Location: Southern NH
Posts: 12,605
Likes: 0
Received 34 Likes on 34 Posts
Originally Posted by Xeraux
No, no. I understand. I need to be very, very specific to avoid confusing you.

If there was something very malicious I'm confident they would have shut the site down until it could be sorted out.
Using the info from Google, it appears that a website user would have to do a few specific actions to get infected...
Come to this site...use the Google search feature, rather than the built in search...
When a user clicked on one of the links in the search...the user would instantly be redirected not to here, but one of 3 sites that would install software on a susceptible system, then almost instantly redirect you to the page/article you clicked....
Pretty basic...but still dangerous.
A hijacked computer may have no symptoms whatsoever...some may feel slower...hijacked computers are often "sold" on the black market, and then activated for denial of service attacks that some modern day mobs use like the old-time protection racket...others may have ad-ware installed, or keystroke loggers installed....
Some exploits can be hidden from the operating system and user by using what is referred to as a root-kit...made famous by the Sony Music copy protection scheme a few years back, but the technology has been around for years...
Folks with "good" security software (I like NOD32 from ESET, but there are a few good ones, beware...very well-known/free software is so common, their weaknesses are well-known by hackers too!!) should have been protected, as are those using 3rd party operating systems such as Linux, Ubuntu, unix, or to a lesser extent Apple OS, and phone operating systems....these systems in general ALL have weaknesses, but are infrequently attacked due to the lower numbers present on the Internet in general.
Remember, not all hackers are bad.."White Hat" hackers do good, exposing flaws, and informing users, and software writers so issues can be fixed...."Black Hat" hackers find exploits, sell them to others, and allow their use to be used for various "nefarious" purposes.


Edit: I would like to state that in all my research, about 90% says this type of attack is mainly an attempt to steal ad revenue....IT USUALLY DOES NOT have the pages installing "bad software"...it is still possible..but most reports of this attack..going back to FEBRUARY has to theft of advertising revenue. The Software support people do recommend that users change passwords, since the installer of the hack did gain unauthorized access to deep portions of the software...and anything was possible.
Thanks Matt, AKA DR O for tracking down the support sites, and a few useful threads to add the ones I had found!!
 

Last edited by ZippyNH; 10-18-2010 at 01:57 PM.
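
The behaviour described in post #81, a redirect served only to visitors who arrive from a search-results page, can be checked from the outside by requesting the same URL with and without a search-engine Referer. This is an added example, not part of any post in the thread; the URL, the Referer value and the simulated responses are constructed.

```python
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlsplit

# Constructed Referer imitating a click from a search-results page.
SEARCH_REFERER = "https://www.google.com/search?q=forum+thread"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # do not follow; the 3xx then surfaces as HTTPError


def fetch(url, referer=None, timeout=10):
    """Return (status, Location) for one GET, without following redirects."""
    req = urllib.request.Request(url, headers={"User-Agent": "Mozilla/5.0"})
    if referer:
        req.add_header("Referer", referer)
    try:
        with urllib.request.build_opener(_NoRedirect).open(req, timeout=timeout) as r:
            return r.status, r.headers.get("Location")
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("Location")


def _base(host):
    """Lower-case a hostname and drop a leading 'www.' for comparison."""
    host = (host or "").lower()
    return host[4:] if host.startswith("www.") else host


def check_referer_cloaking(url, fetch_fn=fetch):
    """Compare a direct request with one that claims to come from a search click."""
    direct = fetch_fn(url)
    status, location = via_search = fetch_fn(url, referer=SEARCH_REFERER)
    site = _base(urlsplit(url).hostname)
    target = _base(urlsplit(urljoin(url, location)).hostname) if location else ""
    offsite = bool(target) and target != site and not target.endswith("." + site)
    return {
        "direct": direct,
        "via_search": via_search,
        # Suspicious: only the search-referred request is sent to another host.
        "suspicious": 300 <= status < 400 and offsite and direct != via_search,
    }


def simulated_fetch(url, referer=None):
    """Constructed stand-in for a site that redirects search-referred visitors."""
    if referer and "google." in urlsplit(referer).hostname:
        return 302, "http://redirector.example.invalid/landing"
    return 200, None


if __name__ == "__main__":
    # Offline demonstration against the constructed responses above.
    print(check_referer_cloaking("http://forum.example/showthread.php?t=1",
                                 fetch_fn=simulated_fetch))
```

The check only sees redirects issued by the server in the HTTP response; a redirect performed by injected script after the page loads needs a browser-based comparison instead.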
  #82  
Old 10-14-2010, 08:55 AM
fishbert
6th Gear
Join Date: Jul 2008
Location: Ohio
Posts: 1,174
Received 13 Likes on 8 Posts
relax, zippy. it's been handled, and not all of what you're saying applies to what's going on here, anyway.
 
  #83  
Old 10-14-2010, 09:22 AM
ZippyNH
6th Gear
iTrader: (1)
Join Date: Sep 2009
Location: Southern NH
Posts: 12,605
Likes: 0
Received 34 Likes on 34 Posts
Originally Posted by fishbert
relax, zippy. it's been handled, and not all of what you're saying applies to what's going on here, anyway.
It has been stated by one of the site's founders that the issue was fixed....I sincerely believe this to be true.
What concerns me is the lack of transparency from the site..the lack of info on what was happening, and in light of such a lack of info, any security conscious user MUST assume the worst case.
In my experience, minor issues are usually acknowledged, and "hot potato" issues are kept quiet, ignored, or handled like an ostrich by putting one's head in the sand.
Running ANY website, one encounters issues...running 24/7, with $$$ in ad revenue, page views, and users make popular sites big targets.
It is nice to know "it has been handled" and our favorite MINI site is no longer functioning as a conduit to infection....but what about a page or link or announcement to direct folks to ensure they did not get some malware installed? Not all users are very tech savvy....



Edit: I would like to state that in all my research, about 90% says this type of attack is mainly an attempt to steal ad revenue....IT USUALLY DOES NOT have the pages installing "bad software"...it is still possible..but most reports of this attack..going back to FEBRUARY has to theft of advertising revenue. The Software support people do recommend that users change passwords, since the installer of the hack did gain unauthorized access to deep portions of the software...and anything was possible.
Thanks Matt, AKA DR O for tracking down the support sites, and a few useful threads to add the ones I had found!!
 

Last edited by ZippyNH; 10-18-2010 at 02:04 PM.
  #84  
Old 10-14-2010, 09:51 AM
fishbert
6th Gear
Join Date: Jul 2008
Location: Ohio
Posts: 1,174
Received 13 Likes on 8 Posts
I was asking for transparency, too... but MLPearson79 already explained what the issue really was and that nobody was at risk. That post is just a little higher up on this page, if you want to read it.
 
  #85  
Old 10-14-2010, 10:43 AM
Dr Obnxs
Former Vendor
iTrader: (7)
Join Date: Sep 2004
Location: Woodside, CA
Posts: 10,340
Likes: 0
Received 3 Likes on 3 Posts
If you....

go to this link: http://www.google.com/safebrowsing/d...anmotoring.com, you will find that as of yesterday the issue still existed.

Here's some info about how Google does this stuff: http://www.google.com/support/webmas...&answer=163633

If you want to see how this affected traffic here, you can look at the Quantcast numbers here: http://www.quantcast.com/northamericanmotoring.com The drop is huge, and as of yesterday, is still ongoing.

What a royal pain in the assss! Anyway, some sites do deal with it very quickly, some not so fast.

Matt
 
  #86  
Old 10-14-2010, 10:56 AM
daflake
6th Gear
Join Date: Sep 2005
Location: Laurel MD
Posts: 3,925
Likes: 0
Received 2 Likes on 2 Posts
And some folks put too much faith in the admins bringing a site down if it was a threat. There was a threat here and it stayed up the entire time with no response from the admins? Really?

I guess ad revenue is too precious to protect the users of the site. As posted above, there was/is an issue here. Pretty safe to assume that it was more than just a "link".

Me thinks I'll avoid the site for a while. Especially since they haven't owned up to explain what is happening.
 
  #87  
Old 10-14-2010, 01:07 PM
Dr Obnxs
Former Vendor
iTrader: (7)
Join Date: Sep 2004
Location: Woodside, CA
Posts: 10,340
Likes: 0
Received 3 Likes on 3 Posts
Nobody at risk?

I don't know if I buy that. If you end up redirected to a site that has hostile content, you're at risk. If you pay for page views and you aren't getting them because site traffic is down, you're at risk.

To say this is the end of the world is overstating the situation. But to say that it's no problem at all is understating the problem.

What's more of an issue here is that the fact that this happened means that there are ways into the site to allow malicious code. While this specific thread may not do anything more than just re-direct traffic, the very same exploits could do things that are more severe, and that is worrisome.

But with all that said, NAM has a very good reason to fix this: and it's Money! If a bunch of traffic gets re-directed away, they lose out on click through revenue from the ads that are here. If the problem persists for a long time, and viewers end up elsewhere, the number of unique pageviews drops and the value to advertisers is down as well.

I'm seeing people show up at other MINI sites because of this, and some of them will find something they like and probably stay away. This is bad for NAM for the reasons above, as well as being bad for the people who pay to be here.

All in all, it's not a pretty picture. Could things be much worse? Sure they could! Could this have been dealt with faster with less impact to the site? You bet that's a yes too....

Matt
 
  #88  
Old 10-14-2010, 01:54 PM
MotorMouth
6th Gear
Join Date: Sep 2004
Location: Mililani,Hawaii
Posts: 3,821
Likes: 0
Received 1 Like on 1 Post
I'm still visiting a LOT less until the warning is gone.
 
  #89  
Old 10-14-2010, 02:51 PM
Mysticeti
3rd Gear
Join Date: Jun 2010
Location: Southern NH
Posts: 158
Received 0 Likes on 0 Posts
Well said Dr. Obnxs.

Cyber security is nothing to "just relax" about. One doesn't need to freak out and wear a tinfoil hat but some level of eternal vigilance is required.
 
  #90  
Old 10-14-2010, 03:53 PM
IBMark
Neutral
Join Date: Sep 2010
Posts: 1
Likes: 0
Received 0 Likes on 0 Posts
Hi everyone.

MotorOn asked me to chime in here to explain the problem on our end. The problem that triggered the warning was cleared as soon as we were able to and we have re-submitted the site to Google for their approval, and have yet to hear back.

Until Google responds to the request, all the warnings that rely on Google's list will display that NAM is a malware threat. We are absolutely committed to clearing this type of problem as fast as possible, but when the warning comes down is now entirely in the hands of Google.

This site's staff responded to the issue immediately, and it's a shame that their hard work is lost in Google's waiting line. All I can ask is that you continue to enjoy the site as normal until the site is fully restored. (Then you can enjoy it a little more.)

Mark
Internet Brands
 
  #91  
Old 10-14-2010, 05:22 PM
Fatherdeth
6th Gear
Join Date: Jul 2004
Location: Navarre, FL
Posts: 4,707
Likes: 0
Received 2 Likes on 2 Posts
You will probably hear of a few deaths on here, 'cus I know several people whose lives revolve around this site.
 
  #92  
Old 10-14-2010, 07:31 PM
-=gRaY rAvEn=-
Moderator
iTrader: (43)
Join Date: Aug 2008
Location: Cape of Cod
Posts: 5,809
Received 64 Likes on 54 Posts
Originally Posted by booktrout
And what about "gRay rAvEn", someone got in and changed his "NAM fav's" to show the logo of Motoring Underground.
I still have MU symbols in front of older saved NAM favorites, but as of today all new links and new favorites saved are back to NAM symbol.


I think maybe a MU computer guru's idea of a sense of humor
 
  #93  
Old 10-15-2010, 05:50 AM
ran-o-matic
4th Gear
Join Date: Jul 2009
Posts: 378
Likes: 0
Received 0 Likes on 0 Posts
It looks like Google finally crawled the site again and gave it a clean bill of health.

-----------------------
EDIT

When I posted this I got a clean report, but when I checked later, Google had the 2010-10-13 crawl data again.
 

Last edited by ran-o-matic; 10-15-2010 at 07:05 PM. Reason: What is Google Doing?
  #94  
Old 10-15-2010, 06:44 AM
-=gRaY rAvEn=-
Moderator
iTrader: (43)
Join Date: Aug 2008
Location: Cape of Cod
Posts: 5,809
Received 64 Likes on 54 Posts
Originally Posted by ran-o-matic
It looks like Google finally crawled the site again and gave it a clean bill of health.
 
  #95  
Old 10-15-2010, 09:46 AM
MotorMouth
6th Gear
Join Date: Sep 2004
Location: Mililani,Hawaii
Posts: 3,821
Likes: 0
Received 1 Like on 1 Post
Originally Posted by ran-o-matic
It looks like Google finally crawled the site again and gave it a clean bill of health.


FF is still giving me the warning.
 
  #96  
Old 10-15-2010, 10:04 AM
ran-o-matic
4th Gear
Join Date: Jul 2009
Posts: 378
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by MotorMouth
FF is still giving me the warning.
I just checked again. This time, the site is listed as crawled on 2010-10-13 and still suspicious.

This was not true when I checked earlier. I guess the updated data will have to propagate through the Googleplex.
 
  #97  
Old 10-15-2010, 10:11 AM
ran-o-matic
4th Gear
Join Date: Jul 2009
Posts: 378
Likes: 0
Received 0 Likes on 0 Posts
I notice also that a Google search on the site no longer warns of malware, but also does not provide cached page links. More indication that the site is in transition.

As an aside, I saw the article on Google Safe Browsing in PC World.
 
  #98  
Old 10-15-2010, 10:29 AM
Dr Obnxs
Former Vendor
iTrader: (7)
Join Date: Sep 2004
Location: Woodside, CA
Posts: 10,340
Likes: 0
Received 3 Likes on 3 Posts
So what's this all mean?

Well, if NAM is on top of their Quantcast tracking calls, it's not good....

This is the traffic to the site since the problems showed up through the 13th. This shows an over 50% drop in visitors. They are away for two reasons: one, the redirects from Google searches sent them elsewhere, and two, they are worried about exposure to malware.

Anyway, once the issue is fixed, the news has to percolate through all the layers of internet stuff that care about this, and people have to regain their trust of the site.

I'm far from an expert on this stuff, but my reading about it indicates that this exploit first showed up in March of this year. The fact that NAM didn't get hit till October is good news. It's bad news that NAM wasn't proactively protected. Like I said, I'm not an expert on these things and some of the forum posts on the various sites I read seemed like they were in a foreign language! So if I got any of this wrong, I apologize.

It could have been worse. Some of the sites that I read about had 75% or greater drop in visits, and volume took up to three weeks after correction to come back up to pre-exploit traffic.

Anyway, I hope that this was all used as a learning experience so that some of the stuff that runs NAM gets upgraded and more secure.

Matt
 
  #99  
Old 10-15-2010, 04:15 PM
apexer
6th Gear
Join Date: Aug 2003
Location: Uniontown, PA
Posts: 1,344
Likes: 0
Received 0 Likes on 0 Posts
As of this posting FF is still blocking NAM. IE worked fine.
 
  #100  
Old 10-15-2010, 06:05 PM
Herleman
5th Gear
Join Date: Nov 2009
Location: Port Orange, Florida
Posts: 771
Likes: 0
Received 1 Like on 1 Post
Well -- I don't know what to do. I've become a regular here, it's part of my daily routine. I love my little car and I love seeing what others have done with or to it. I also love getting heads up calls about its various maladies and how to fix them, or whether the malady is really a problem.

I've contributed my two-cents worth -- sometimes feeling kinda good at having had something to say and someplace to say it, and I've been encouraged by positive response at times.

But I'm getting frightened that some of the issues that have come up on my little laptop -- my link to the real world since retirement -- may have come from my visits here. And it's interesting that a couple of the posts that I've responded to have netted me "unsafe attachment" warnings from my computer's internal police force. And I've had headaches with the various browsers from FireFox to IE, to Google Chrome. But this week, all three of my browsers decided that NAM was unsafe for my computer to visit.

I feel a bit lost -- sorta like I would imagine I would feel to find out that my wife was unfaithful.

I trusted the site, and I participated freely -- I even went to multiple Mini events that I first heard about here on the pages of NAM.

But now I'm worried, and when I tried to look into the causes, I find that I've been participating in a grand and glorious marketing scheme that is fully owned by an internet advertising/marketing company.

I simply don't know what to believe or who to trust anymore.

I will likely reduce my visits here, and my contributions -- such as they were -- will be hesitant.

What in the world is going on here? I thought we were a bunch of happy Mini owners who got together on the net to exchange our ideas and thoughts. I thought we were being paid for by the various ads that show up on the top side and bottom of most every page. Is that not the case???

Are we simply shills for a mass marketing company?

Please tell me this has not all been a bad dream.

I even feel kinda differently about the Mini now.

Sad stuff if it's true. And BTW -- as of 21:10 EST, this date, Google Chrome will still not let me log onto NAM because it thinks that the site is a source of Malware. If this is wrong, please -- whoever is in charge -- please fix it.

Please.
 

Last edited by Herleman; 10-15-2010 at 06:12 PM.





All times are GMT -7. The time now is 08:19 AM.