Topic: coinurl.com considered malware, sites using it are being blocked by chrome. (Read 4749 times)

I agree it's concerning that there is not more official news, but it seems to be resolved according to Google

Main Site:
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?hl=en-US&site=http://coinurl.com/

Url Shortner:
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?hl=en-US&site=http://cur.lv/

Thank you both for your feedback.

as of a few hours ago, they started feeding interstitial ads again.  thus 'fixed'

this is just great. done with coinurl.

when will this shit be fixed? 

can't find any news/info on coinurl or elsewhere.

yeah, at least the banners don't block your websites any longer

It's only when you click on cur.lv links, I think. These are still flagged as containing malware.

At the mo I receive no warnings at that site.

I am having the same problems at my site http://www.rainingbitcoin.com .

I stare at the console and watch everything happen. No analytics needed.

is this fixed now? I don't get the malware warning anymore... can anyone confirm?

I don't use any external analytics software. I analyze visits myself, unless the user has DO NOT TRACK set in their browser.

$4 per month for external hosting is okay IMO.

So, let me get this straight.

An independent ad-network (coinurl) has say 1000 advertiseres. They have ads that are rotated on willing client sites (let's say 10000 blogs/websites/journals).

Then 1 advertiser decides to go rogue. He puts some malware on his site in the hope of infecting some visitors to client sites.

This is somehow detected by google or whomever, but eventually it's reported to those governing the black lists at Chrome and Firefox. I'm sure the intention is 'good', but the results.. ?

Of those 10000 sites showing those ads, all visitors will get a warning page, because the serving site had a coinurl affiliation, and because 1 - one - advertiser is rogue ?

If those 10000 sites have 100 visitors each, that means 1 million visitors get the warning screen, of which maybe a large part will lose trust in the site they visit, or not continue with their current business at that site.

How on earth is this acceptable? I've seen fraudulent ads on Google Adsense, but never have I seen all sites running Google Adsense ads give a browser warning for this reason. This would of course affect Google's bottom line if it were to happen. so it never happens. But the small ad-networks, well it's not such a big deal with them for Google.. Google is google after all, so they don't give a rats ass about the revenue and reputation of Coinurl. Since some sites experience problems with Coinurl ads (having their site giving a browser warning), I would not be surprised if some site owners would give up Coinurl altogether, because when this happens once, it could happen again.

What technical limitations are there to only give a warning on site that hosts the add to the malware in question? For example, chrome could easily have been programmed in such a way that every site hosting an add known to link to a malware site, just got disabled with a warning note in the browser, no need to close down a whole business and affected a plentiful amount of users.

Or is everything automated, and this is the standard way to do it? Either way, I'd find this highly unacceptable if I were running a small ad-network. What if a competitor or a rogue individual just signs up frequently and puts malware on a site, and uses coinurl for advertising, wouldn't that basically be some sort of ddos attack?

Perhaps coinurl is not that big, but some sites actually have significant revenue, and only a few hours of downtime could lead to significant monetary losses.

With the revelation that Google let NSA spy directly on customers, and openly share data, perhaps we should just move away from google services altogheter ? It seems like they're digging their own grave.

I don't know about this particular case, but I had a site that was listed like this wrongly about three years ago.  I got google to lift the warning after some time, however even today,  some of the major links to the site that gave it most of the traffic and value, never returned. 

It is unfortunately not all that uncommon to use ad networks to try and insert malware though.

I really think google is getting way too much in the loop of things these days.  I wish btc sites would stop putting them in for analytics and such all the time at least.   For that matter I am tired of cloudflare backed sites.

so, is it solved by now?

The banner ads themselves will not contain the malware.  There was an unrelated link that was shared on the interstitial ads that pointed at a page that Google claims to be malware.  They flag the whole domain.  We can't even replace the content of our ads when it's like this to help the situation, just have to wait a few hours..  Argh.  I expect this to be solved in 1 more hour!

I just went to a random bitcoin site a little bit ago, from a mac, and I got the scary message:

If you proceed, this site may harm your mac. And it was a page unrelated to coinurl, but probably some coinurl add embedded in the site, and thus the warning ? I remember coinurl was mentioned in the warning.

Why can't all the embedded adds be only simple adds that can not contain malware. Just to be on the safe side, I chose not to visit that particular site, as I don't have much experience with Mac, and I don't want to have an infection on a machine that's not even mine, but belong to someone else in the household.

Seems like quite a devastating experience for a high number of users and also for the admin of coinurl, and also for all sites carrying their adds that have their users experience this pop up screen as well..

I've seen them put alarms on sites that were clean for a while but they don't hold a candle to how bad Siteadvisor is
Been using a red site that was labeled green for years before that and for the last 3 weeks its still not fixed back to green lol.
Web of Trust all the way

Usually all browsers look to google safe browsing for security. I have also had pretty frustrating experiences with getting whitelisted with them as well, no one to talk to, etc.