I’ve Been Hacked!!
A user recently brought to my attention that Google was reporting my site as a malware site. I found that hard to believe, but I went and checked and he was right. Based on the report I see from Google, my site was acting as an intermediary for installing malware on people’s desktop. This was very distressing for me to find this out. Here is what Google displays:
I then went and checked some of my other sites and lo and behold, they were also tagged as malware sites.
It took some effort, but I eventually found the cause of the problem. I host all my domains at Dreamhost and in the home directory of my account, someone had installed a .htaccess file. It was actually a bit deceptive as they had about 80 blank lines and then the malware stuff so if you first bring it up in an editor, it looks empty. I deleted the file and all seems well. Before deleting it, I could see my browser grabbing “stuff” from some strange sites. Also, when I clicked on various links, I got strange browser window popups asking to install a virus checker. Once I remvoed the .htaccess file, that all went away.
Google has a process where I can submit my sites for review and I’ve done that so hopefully it’ll get cleared up in the next few days.