Or is google trying to make everyone paranoid?

Actually there was a DDOS attack on the SFWA site a little while ago. I wonder if this is related?

https://twitter.com/sfwa

They indicate that there's a secondary attack, that they have identified the malware and removed it and are waiting for Google to re-scan the site.

Google has a fairly clear procedure for Webmaster's to follow:

http://support.google.com/webmasters/bin/answer.py?hl=en&answer=163634

Alas, as of right now, it is still there. I use my ipad to read it when this warning is up, as IOS seems pretty immune for the time being.

Such a setup. Cannot decide between "Again with the contraception mandate!" and "yeah, USC grads can be a security risk."

But good to know it's fixed.

Or, we blew *all* the asteroids away?

I think it's still infected, or else Google is showing a false alarm.

Once the site is disinfected, you can request that Google review it here.

With that said, Google's page is also saying, "This site is not currently listed as suspicious," so it looks like Google is confirming that the problem is fixed. The two instances of "on 2013-02-21" in the sentence Randolph @13 quoted must refer to an earlier and later scan on the same day.

But this is the second time in a few months that the SFWA site has been DDOS'd (they tweeted that this morning) and now this. Does someone have a grudge?

"The SFWA site is clear again. We are taking additional steps to try to keep these attacks from reoccuring. Thank you for your patience."

Any number of scammers who don't like Writer Beware. Or someone who thinks that SFWA is giving entirely too many awards to Girls. Or, some random teenager in Dubrovnik whose bots noticed a vulnerable site.

That would have been worth braving the malware by itself.

It's a Windows script that tries brute force on various ports, and looks for Java on the server.

N.B. Java not JavaScript.

hxxp :// www(.)sfwa(.)org / 2013 / 02 / guest-post-the-importance-of-pie-cooking-the-books-with-james-d-macdonald/

to prevent people from easily copying-and-pasting (or their mail clients from easily linkifying) and visiting a malicious URL. (Even the best of us screw up and click on something we didn't mean to occasionally, and it's a pain to have to burn down your system and rebuild it when it happens.)

If Google says there is malware on a site, or you hear a report, DO NOT VISIT IT.

Malware, much like carbon monoxide, may be imperceptible -- odorless, tasteless, and invisible to the naked eye. guthrie @2, please make sure your antivirus is up to date and run a full scan immediately.

If you want to know why people automate this kind of thing, this report released a couple days ago is a fascinating look at just some of the hijinks they get up to.

A roundabout way of saying: cool that you drop by here, Kevin R!

Tom Whitmore @28: A bit creepy, but thanks for the welcome! I've been hanging around here on and off for a while -- more of a lurker than a poster, but I read a lot. It's a good place, with a lot of smart people.

Dave Bell @29: If a malware alert pops up, there's a strong chance it's legit, even for a big site like Adobe. Big sites get hacked, small sites get hacked -- everybody gets hacked. It's not something I'd take chances with.

One of the things that drives me most insane about my family members is the insistence on justification for everything. When what I'm saying is something like, "Stop!! Hit the brake!" or "Don't touch that button!"*, it is not the time to say, "Why?" while continuing to do what you are doing.

*not hypothetical events

It's an even worse habit when combined with moving vehicles.

Especially with pedestrians in the equation. There's a really bad intersection near my house wherein, if the pedestrian is standing on the opposite corner waiting to cross, they are exactly in the oncoming driver's blind spot. More than once I've had to step lively to keep from getting hit (and this is not counting the drivers who simply won't stop to allow a pedestrian the right of way).

Riding out of there in a friend's car, I've had to speak up more than once: "Stop! Pedestrian! Watch out!" It's fascinating how long it takes for that message to penetrate.

There's an Adobe Flash Player update out, patches a couple of zero-day exploits. The download instructions recommend that you turn off your virus scanner...

One wonders what the hell they are playing at.

More and more I'm coming to believe that our malware-detection ecosystem resembles a mammalian immune system, complete with allergies, auto-immune diseases, and so forth.

The instruction still persists, though.

Jeremy Leader @39: Quite.

The update installation file for my browser often triggers my virus scanner (Norton) if I download on the day of release. It's one of the "known issues" in the current version's release notes.

(For some reason it doesn't trigger the scanner if I wait a few days and then download.)

It is important that you feel safe when you search the web. We're continuously working to identify dangerous sites and increase protection for our users. The following warning message appears beneath the title of search results we've identified as sites that may install malicious software on your computer: "This site may harm your computer."

And I wonder who'll tell Google that they misspelled "Notification"?

All better now! or at least so @sfwa declared about 11 hours ago...

@44 - Google, however, are probably beyond help.

Registered through: GoDaddy.com, LLC (http://www.godaddy.com)

Domain Name: WRITERBEWARE[dot]COM

Created on: 15-Oct-03

Expires on: 15-Oct-13

Last Updated on: 02-Oct-12

Registrant:

SFWA, Inc.

PO Box 877

Chestertown, Maryland 21620-0877

United States

Administrative Contact:

Webmaster, SFWA webmaster@sfwa.org

SFWA, Inc.

PO Box 877

Chestertown, Maryland 21620-0877

United States

8883227392

Technical Contact:

Webmaster, SFWA webmaster@sfwa.org

SFWA, Inc.

PO Box 877

Chestertown, Maryland 21620-0877

United States

8883227392

Domain servers in listed order:

NS11.DOMAINCONTROL.COM

NS12.DOMAINCONTROL.COM