Updated, 3:20 p.m.: According to a statement from Philly.com, the site has confirmed that a widget on the site contains code that is “not recognized by Google,” and was thus misinterpreted as malicious code. It hopes Google will remove the “malware” warning soon. “We do know that it was that code, we found the code that Google was flagging and it is a third-party widget on the site. We are working with that vendor to get that widget back up,” Editor and Vice President Wendy Warren said in an interview.
Philly.com‘s sports portal is appearing in Google search results and in browser notification systems as a site infected by potentially malicious malware, possibly caused by the site’s Flash-based advertisements.
Vice President and Editor Wendy Warren told Technically Philly that the organization is “responding very aggressively” to investigate the situation and that it is possible that code on the site might be being misinterpreted as malicious.
Warren said in a telephone interview this afternoon that there had been no reports that harmful software had been installed on user computers.
“We’re not sure if there was malicious code or not. Though we can’t rule it out yet, we’ve not found any evidence of it,” she says. “We’re going to check every piece of code that we haven’t written ourselves.”
Philly.com site administrators have disabled Flash-based advertisements and third-party widgets in the Sports section, where the malicious code has been found, Warren says. [Full Disclosure: Technically Philly has conducted business with Warren and Philly.com]
At 11:00 a.m. and again at 2:00 p.m., Apple’s Safari browser indicated that malware was present on the sports portal. A sweep of the section showed that though most of the Flash-based embeds had been removed, OddsShark‘s sports odds interactive embed was still active. Flash elements, like OddsShark, are being returned to the site after they are checked for malicious code, Warren says.
Users being referred from Google search results are met with a warning screen that disallows them from browsing the site, and are asked to enter the URL on their own accord.
“It has a huge impact on our business. Traffic is definitely affected today,” Warren says.
Last June, Philly.com executives denied rumors that malware was being spread on the portal after Phillyist reported on the allegation.
Then, after checking with its ad networks—which screen their advertisements for malicious content—Warren had said that there had been no reports of suspect embeds on the site.
“Philly.com takes seriously the online security of our users, and we go to great efforts to combat issues including malware,” Warren told us in that June interview. Indeed, Warren reached out to Technically Philly this morning with the tip to ensure to users that the issue was being explored.
Before you go...
Please consider supporting Technical.ly to keep our independent journalism strong. Unlike most business-focused media outlets, we don’t have a paywall. Instead, we count on your personal and organizational support.
3 ways to support our work:- Contribute to the Journalism Fund. Charitable giving ensures our information remains free and accessible for residents to discover workforce programs and entrepreneurship pathways. This includes philanthropic grants and individual tax-deductible donations from readers like you.
- Use our Preferred Partners. Our directory of vetted providers offers high-quality recommendations for services our readers need, and each referral supports our journalism.
- Use our services. If you need entrepreneurs and tech leaders to buy your services, are seeking technologists to hire or want more professionals to know about your ecosystem, Technical.ly has the biggest and most engaged audience in the mid-Atlantic. We help companies tell their stories and answer big questions to meet and serve our community.
Join our growing Slack community
Join 5,000 tech professionals and entrepreneurs in our community Slack today!