zirconstudios.com malware message

[Bleck]

Google Chrome has stopped me twice from accessing OCR pages because it's connected to a 'known malware distributor', zirconstudios.com.

zircon, maybe take a look around at this? If anyone else had or has this happen to them, post here about it.

[Cerrax]

I've gotten this a few times as well. I'm also using Google Chrome.

I'm sure zircon knows how to deal with this, but I'll just add that I had this happen to my site. The .htaccess file had a bunch of redirects to malware sites added to it. Deleting the file causes the server to make a new one that is clean.

[Meteo Xavier]

I saw something in it the other day, but I know his site has been hacked/attacked before and I thought Google still thought it was doing that or something.

[The Damned]

FireFox does the same thing, but only if I try to go directly to zirconstudios.com.

OCR is fine.

[Emunator]

It's probably giving a malware warning because the beats on his site are so siiick.

...

I'll be leaving now.

[Rozovian]

Same problem using Safari. Just reporting.

[Gario]

Confirmed on my comp - getting the same signal. I'm using Chrome, as well.

[lazygecko]

It was some security loophole that was already addressed a while ago, but Google has yet to unlist the site.

[zircon]

Really really sorry about this, guys. It's been a giant thorn in my side for weeks now. What happened was that MONTHS ago, a single plugin I was using to resize thumbnails had an exploit that some asshole used to put malicious PHP on my site. I immediately fixed the exploit and deleted all the PHP, or at least I thought I did. The problem was that each PHP file had its own backdoor, so the same hacker(s) could keep going in and putting more redirecting crap all over.

Since my webhost (Lunarpage) was useless in helping me with this, a week ago I completely changed hosts, reinstalled everything from scratch and completely cleaned everything out to make sure that not a single file from the old site made it on to the new one without being thoroughly checked. So, there's no way any of the old malware made it on, since everything on zirconmusic.com now is fresh + reinstalled from remote servers or my computer, not simply copied over from the infected site. I submitted the domain, along with zirconstudios.com (which is just a redirct) to Google to be removed from the blacklist. Hopefully they'll do that ASAP.

tl;dr - There isn't any malware on my site now, and as soon as Google reviews my request to have it rechecked, the warning message will disappear. I'm really, really sorry for the inconvenience. Moral of the story - update your plugins

[Antonio Pizza]

It's probably giving a malware warning because the beats on his site are so siiick.

I like this answer better.

Win.

[Jason Covenant]

What happened was that MONTHS ago, a single plugin I was using to resize thumbnails had an exploit that some asshole used to put malicious PHP on my site.

Let me guess, timthumb? That plugin is notoriously insecure. Best to use a different plugin or the completely rewritten version.

Also, I've built/managed a number of wordpress sites in the past so I know a thing or two about it. If you need any help on things like this, feel free to ask.

[Mirby]

I'm guessing Google reviewed your request? When the message was appearing, it was always when entering a page zirc posted on. Since I can enter this thread safely, I'm guessing the issue has been resolved.

[Liontamer]

I had disabled his sig image, actually, but nonetheless it looks like it's all set.

[theshaggyfreak]

Just checked in Chrome and Firefox and it looks good for me to. I believe it's case closed.

[Benjamin Briggs]

so guys which is better google chrome or firefox

[KyleJCrb]

Chromefox.

[Mirby]

I thought it was Firome.

[StarZander]

I prefer Opera.

[Koriantor]

Definitely Netscape.