UPDATE! WARNING: Site Issue/Malware Alert

UPDATE – 07/09/10

Hopefully many of you saw the news on Twitter, but as of approx 1 AM EST last night, we were confirmed by Google and cleared of any Malware on iFanboy.com.  So if you're wondering if it's safe to browse iFanboy again, I assure you, it is!

For those who are curious as to what happened, here's the whole story:
At some point on Wednesday, 07/07/10, a malicious attack was made on websites that use one particular piece of software to serve banner ads.  There was a security hole in the version of software that we were running, and through that this attack was able to serve malicious malware to you, the user.  We were not the only website targeted in this attack, our friends at Bleeding Cool as well as some other sites were also attacked at the same time.  Now, unfortunately, at first we had no idea where the attack was coming from.  But on Wednesday night after a few hours of troubleshooting, we thought the malware was being served by the banners themselves, so we immediately began pulling down externally served banners.  But it turns out the malware was being deployed by the software itself, which we figured out on Thursday afternoon and then immediately turned off this piece of software (you may notice there are no ads on the site right now.  This is why).  Once we did that and did a thorough check of our code, we determined that we were Malware free.

So if we were Malware free, then why was there a warning in front of iFanboy.com saying this was a dangerous site serving malicious code?  Well, what happened was we were unlucky enough to be crawled by Google's bots during this attack, who then identified the Malware and added us to their Malware warning list.  Firefox and other browsers check with this Malware list before they load a webpage, to make sure it's safe for you to use, which is a great and awesome thing and protects millions of users from Malware.  It just sucked that they happened to catch up for the small, 12 hour window where we had this problem.  Once Google detected the Malware, they contacted us and we worked with them to get the site quickly reviewed again after we removed the code and then last night around 1 AM EST, Google cleared us and we're back to 100% safe again.

What now?  Well as I mentioned, we have removed ads from the site and they will remain off for the weekend at least, if not into next week.  We're going to be very careful moving forward to make sure that there are no security holes in the software we use, to ensure that this never happens again.

If you see anything weird happening while using iFanboy, don't hesitate to let us know via email: contact AT ifanboy DOT com, or message us on Twitter at twitter.com/ifanboy – many of you did and that was extremely helpful in troubleshooting the issue, so thanks everyone.

We sincerely apologize for any inconvenience this may have caused you, our users, in accessing the site or, god forbid, your computer got infected from the Malware while using iFanboy.com.  We still strongly recommend you to read the below and run a comprehensive virus and Malware scan on your computer, just to be safe.

Thanks to everyone for their understanding and support during this mini-crisis, and again, we're deeply sorry that this happened and promise we will do our best to never let it happen again.  

– Ron Richards

 


 

07/08/10
Many of you have alerted to us via e-mail or twitter that your experiencing some issues with accessing iFanboy.com  We are aware of the issue and have been for the past 24 hours.  The problem has ben frustrating and curious as we haven't been able to isolate the specific problem, but there are some things that point to the fact that somewhere out on the Internet, some Malware has targeted your browser and iFanboy.com.

Here are the symptoms:

– When you try and load iFanboy, you see the site briefly and then it redirects to Google.

– You may have loaded iFanboy, but a pop up window telling you that you need to install a plugin appears

– You are prompted to download one or multiple PDFs files.

 

From the research we've been able to do, it appears that this maybe caused by a virus called the Go-Google Virus, in addition to other malware attacks that we have not yet been able to identify.  We are working our butts off to find out what's happening, why and to make it stop.

So what can you do? Well there's a few things:

1. Stop using the browser that may be infected.  So if you use Firefox, try Google Chrome, Apple Safari, or Opera.  Vice-versa if you use one of those other browsers

2. DO NOT download, open or access any PDF files that may end up on your computer

3. DO NOT click inside any pop up windows.  If you see a pop up window, shut down your browser application immediately

 

If you are experiencing any of the above problems, your computer or browser may be infected.  This has been reported by Windows users as well as Mac users, so pretty much anyone could be a victim here.

Stop what you're doing, shut down all your applications and run a virus scan as well as a malware detector. 

We suggest running Malwarebyte's Anti-Malware tool, Spybot Search & Destroy and HiJackThis

For more info on how to remove the Go Google virus, check out this eHow article. We will be posting more links or tools to remove this as we find it.

As you can imagine, we're incredibly upset by this and some of the iFanboy staff have been affected as well.  It's never our intention to cause anyone's computer to have a problem, so we ask for your patience and accept our deepest apologies for this.

We are working non-stop to find the solution to this, so if you're affect by this, please standby and again, start using a different browser.

thank you.