Malware issues and site maintenance
Thanks to all of our readers who have written in to notify us about malware warnings that the site has prompted in the past couple days. I wanted to update you that the malware was all removed by Thursday afternoon, although it took a bit longer for the warning messages to come down.
Please accept my apologies for not publishing this notice sooner. When we discovered the issue, we immediately and completely locked down site publishing for the clean-up and initial diagnosis, hence the silence on our end. I do want to address a couple of specific concerns you may have. The malware that the hackers injected onto the site was located in an invisible link -- this is not something you could have accidentally "clicked on." So visiting Cool Tools would not put you in any danger of malware. The reason these folks embed links in high-traffic sites like this in order to get higher page ranks from Google. Second, our sys admin has tested the site extensively on multiple machines, both Windows and OSX -- all of our machines remain uninfected.
We're continuing site updates this weekend and should be back to a normal publishing schedule Monday morning. You may notice some lag time in comment publication until then. Please accept our sincere apologies for the inconvenience, and our thanks and appreciation for your concern.
-- CC
Favorite (15)
Richard
It's ok, I use adblock so I never even noticed.
BG
As I always point out, if your systems were penetrated to the point that someone could install something or alter files on your server, the server will not be be considered safe until the machine has been wiped and reinstalled from the ground up as you have no idea what other software was installed. Root kits are very very good at evading detection.
Andrew Pollack
Tried to post last night, but it wasn't working.
SEO "Consultants" and firms should be the second up against the wall when the revolution comes (first are telemarketers and spammers) followed at a close third by DNS name speculators.
seefdublew
Did everyone get that? Richard's okay. We don't have to worry about Richard.
tdh
If Google tracked the origin of click-throughs, the sources of this sleaze could be identified and blocked. Why don't they do this?
Dominic
LoL at seefdublew.
Man am I glad Cool Tools is back. That red screen was just killing my goof-off time.
Welcome back. Sorry you guys have to deal with this crap. I was sure you would be doing everything possible to come back and fix things.
Sorry to all the peoples who are getting less food, sex and fun because of it. My thoughts are with you.
anienigmous
Dominic; Because of the gluttony and sleaze and the laziness of a nation, in a matter of moments, the curtain will be opened and the farcical play that we call a democracy will be over.
tdh; rfid right? outlaw cash? track everything? Cameras everywhere? There ought to be a law!
Andrew Pollack; The Revolution? Is that the name of a song or movie? There will be no revolution not with this fat lazy vain generation. The last revolution came when the hippies bled in the streets. They gained more freedom than we had had in an hundred years - that we will ever see again under the Corporate Stars and Stripes.
Charlie
BG is correct.
Ron
BG is not entirely correct. A SQL injection attack, for example, could compromise a site in such a way as this without requiring that either the webserver or the database server be wiped.
Andrew
Agree with TDH. Google caused these problems--before Google's ranking $$, no one bothered stuffing their URLs in all sorts of inappropriate places. As they are the ones to blame, they should fix the problem of web spam.
Ron
But how on earth would Google track the origin of clickthroughs from one site directly to another? It's one thing to identify a link, entirely another to know who uses it.
Besides, I don't accept the premise that Google bears any responsibility here. Though certainly it would be a good business move to effectively filter out invalid or meaningless links, thereby boosting the validity of their ranking system (and, incidentally, reducing any incentive for web spam).