Hi,
Since yesterday, our production sites are flagged as malicious sites by Google.
After some research, it seems that the jQuery 1.2.6 from Drupal 6 is considered as malicious by Google. So, I have not find some topics about that, none on drupal.org, none on Google,...
Is there somebody whose have the same problem or any solution?
From Zulu URL Risk Analyzer:
URL: ????/misc/jquery.js?z User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Referer: http://????:80/ Submitted on 12/20/2012 at 13:18 GMT Status: finished
Redirections: HTTP Status Code: 200 OK Content Size: 31028 bytes Content Type: application/x-javascript IP Address: ???? Country: Netherlands Web Server: Apache/2.2.3 (Red Hat)
Malicious 98/100
Zscaler Malicious URL: * malware * This check increased the overall risk score. Zscaler URL Check * URL blacklisted by Google Safe Browsing: goog-malware-shavar * This check increased the overall risk score. Suspicious Filename Character Usage * jquery has suspicious character score 4.17
Regards,
Maxime Gilbert
We have literally hundreds of Drupal 6 sites. Many have used jQuery Update, but not all. I don't know if anyone here has checked wherever you found that report, but I am unaware of any malicious site labels.
Nancy
Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.
From: Maxime Gilbert
Since yesterday, our production sites are flagged as malicious sites by Google.
After some research, it seems that the jQuery 1.2.6 from Drupal 6 is considered as malicious by Google. So, I have not find some topics about that, none on drupal.org, none on Google,...
Is there somebody whose have the same problem or any solution?
Thank you Nancy,
After more investigation, we have found some scripts injected into our sources. So, the black-listing is certainly not due to the jQuery version of Drupal 6, and the report from Zulu URL Risk Analyzer is ambiguous.It remains for me to find the gate of hell to our servers ...
I was afraid to have a security issue not identified by the community... ><
I thank you for responding so quickly.
Regards,
Maxime Gilbert
2012/12/20 Ms. Nancy Wichmann nan_wich@bellsouth.net
We have literally hundreds of Drupal 6 sites. Many have used jQuery Update, but not all. I don't know if anyone here has checked wherever you found that report, but I am unaware of any malicious site labels.
*Nancy* Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.
*From:* Maxime Gilbert Since yesterday, our production sites are flagged as malicious sites by Google.
After some research, it seems that the jQuery 1.2.6 from Drupal 6 is considered as malicious by Google. So, I have not find some topics about that, none on drupal.org, none on Google,...
Is there somebody whose have the same problem or any solution?
-- [ Drupal support list | http://lists.drupal.org/ ]
-
Maxime Gilbert -
Ms. Nancy Wichmann