Uncategorized
Media / Web development

Philly.com sports portal possibly hit with malware attack

Updated, 3:20 p.m.: According to a statement from Philly.com, the site has confirmed that a widget on the site contains code that is “not recognized by Google,” and was thus misinterpreted as malicious code. It hopes Google will remove the “malware” warning soon. “We do know that it was that code, we found the code […]

Visitors to Philly.com's Sports section saw this malware warning in Safari this morning


Updated, 3:20 p.m.: According to a statement from Philly.com, the site has confirmed that a widget on the site contains code that is “not recognized by Google,” and was thus misinterpreted as malicious code. It hopes Google will remove the “malware” warning soon. “We do know that it was that code, we found the code that Google was flagging and it is a third-party widget on the site. We are working with that vendor to get that widget back up,” Editor and Vice President Wendy Warren said in an interview.
Philly.com‘s sports portal is appearing in Google search results and in browser notification systems as a site infected by potentially malicious malware, possibly caused by the site’s Flash-based advertisements.
Vice President and Editor Wendy Warren told Technically Philly that the organization is “responding very aggressively” to investigate the situation and that it is possible that code on the site might be being misinterpreted as malicious.
Warren said in a telephone interview this afternoon that there had been no reports that harmful software had been installed on user computers.
“We’re not sure if there was malicious code or not. Though we can’t rule it out yet, we’ve not found any evidence of it,” she says. “We’re going to check every piece of code that we haven’t written ourselves.”
Philly.com site administrators have disabled Flash-based advertisements and third-party widgets in the Sports section, where the malicious code has been found, Warren says. [Full Disclosure: Technically Philly has conducted business with Warren and Philly.com]

At 11:00 a.m. and again at 2:00 p.m., Apple’s Safari browser indicated that malware was present on the sports portal. A sweep of the section showed that though most of the Flash-based embeds had been removed, OddsShark‘s sports odds interactive embed was still active. Flash elements, like OddsShark, are being returned to the site after they are checked for malicious code, Warren says.
Users being referred from Google search results are met with a warning screen that disallows them from browsing the site, and are asked to enter the URL on their own accord.
“It has a huge impact on our business. Traffic is definitely affected today,” Warren says.
Last June, Philly.com executives denied rumors that malware was being spread on the portal after Phillyist reported on the allegation.
Then, after checking with its ad networks—which screen their advertisements for malicious content—Warren had said that there had been no reports of suspect embeds on the site.
“Philly.com takes seriously the online security of our users, and we go to great efforts to combat issues including malware,” Warren told us in that June interview. Indeed, Warren reached out to Technically Philly this morning with the tip to ensure to users that the issue was being explored.

Companies: Philly.com
Engagement

Join the conversation!

Find news, events, jobs and people who share your interests on Technical.ly's open community Slack

Trending

How venture capital is changing, and why it matters

What company leaders need to know about the CTA and required reporting

The ‘Amazon of science stores’ and 30 other vendors strut their stuff for Philly biotech

Why the DOJ chose New Jersey for the Apple antitrust lawsuit

Technically Media