On Wednesday we starting to receive a flood of complaints about some sort of malware/issue warning on the site. Apparently from Google’s own Safe Browsing tool. You can see what our site looks like on the issue right over here and you can look at what Google’s site looks like too. There was bad code that was installed on the site in the deep public back-end. How was it installed? Our ad server was targeted from out of date code that was vulnerable to attack. The strange thing was the malware didn’t appear to be working at least not for a while and that is why it took so long to track down the problem. Regardless, the ad server has been completely removed and installed with a different secure ad system. This has been one of the more sophisticated attacks I’ve seen, and its been reported by the media.
Reef Builders has grown tremendously over the past year. As a result evil bots/persons were scanning the site looking for vulnerabilities as they wanted to leverage the amount of traffic we get for their own use. Because of this we’ve added a very powerful hardware firewall to the site which blocks about 99% of the attacks we were getting subjected to. We should have added this sooner and I’ll take the blame on this one. This was my fault.
Special thanks to all who emailed, called, tweeted, and blogged about this. We wouldn’t be around if it weren’t for you.
