29 comments

[ 2.6 ms ] story [ 54.3 ms ] thread
FYI: SBNation is the main property of VOX Media that owns The Verge.

Something nasty must've gotten onto their CDN, but it wasn't necessarily from The Verge - since they operate a significant amount of websites - it's just that The Verge was using their parent company's resources.

(comment deleted)
What can a site Owner do in this situation? Does Google provide information on why a site is flagged?
You can submit the site for review in google webmastertools but i think that is only for serps removal. Also AFAIK Chrome takes malware data from google's severs so webmsatertools seems to be the place to go.
Why would you link me to that? There is no discussion there that is of any value above what's in this thread (there are no comments). Please don't do that; I realize it was only a couple seconds of my life wasted (plus the 30 seconds to write this comment), but I would really appreciate it if this didn't become a trend.
Sorry wouldn't do that in the future if that's so disturbing.
(comment deleted)
Thank you! Also, just in case: I didn't mean to be a dick about it, so I'm sorry if it came across that way…
I much prefer that if someone posts a dupe story that people go and comment on the original submission.

I appreciate it when people provide links to such previous submissions.

Better that than the trend of people posting duplicate content.

I generally agree with you. However, in this case there were already several comments on this submission, but none on the other (original) submission. In this case, as I stated, there was no value being added by linking.

And with that said, I think I'm done with this meta-discussion. Thanks for playing…

This is Luke Zimmermann from VOX Media, the parent company of The Verge and SB Nation. We've requested a formal review with Google after going to extreme steps to pull our advertising content to both do a thorough review and error on the side of caution that there wasn't anything malicious being inadvertently served up. At this time we're doing everything we can to get this on Google's radar and get it sorted out. We're continuing to monitor the situation as well and do everything in our power to make sure none of our readers and users are at any risk.
Unless you routinely serve up javascript from domains like 'dustym' on port 8888, then you apparently haven't done anything yet - it's still being included on www.theverge.com right now.
edit: thanks for the heads up, that was not the issue at hand.
You could get TheVerge unblocked right now: Move your stylesheets and other static files to a different CDN (not the sbnation domain).

If TheVerge can take it... just refer to the local addresses. Shove a Varnish instance in front to help if you fear for the web servers.

Definitely check for any unusual included content and then request a malware review. I emailed the malware team to make sure that this is on their radar.

More info is at http://support.google.com/webmasters/bin/answer.py?hl=en&... and by doing a [site:google.com malware review] search, but it looks like you've requested the malware review correctly. In the mean time, I'd just double-check for any way that malware could have been included/downloaded on the pages.

Just a quick note: the message is gone for me now, so it looks like the malware review went through with no problems.
Do you pre-approve and scan every single new advertisement to make sure it doesn't contain malware?

Buying ads on large sites with lax controls is a very common and simple way to distribute trojans.

Same on feedly.com.
I hope this doesn't set back the launch of Polygon. We've already been waiting for months, and according to Press Reset (their making-of documentary for the site), it's supposed to launch in October.
It won't affect Polygon
I got malware warning on Google Reader today. I wonder if this is related.
I just got one on YouTube, weird...
The alert says that theverge.com itself is not blacklisted just contains stuff from infected sites.

I would try setting a new hostname for the cdn content servers and see if that works. Assuming of course they have gotten rid of the malware.