(Photo by Mike Scullen).
Over the weekend, on Saturday, April 5, 2008, one of our features, I is Stewpid, hit the Digg.com front page. Though we have been there before, this instance was unique in that a few spyware redirects (from TheMishMash.com, not Digg.com) were reported.
We hoped to draw attention to these reports for two reasons:
1. We hate spyware too and we wanted to apologize to the affected users; and
2. We are not tech-savy and we need help finding out how this happened. We DON'T want it happening again.
For you sleuths then, here is what we know:
a. First, our website is run and hosted on TypePad, a reputable and easy-to-use blogging platform.
b. The numbers of visitors affected was small. Though on Saturday and Sunday our approximate pageviews exceeded 170,000 there were only 35 to 40 comments/complaints about spyware, pop-up's, redirects, etc. In fact, none of us here could recreate the problem.
c. According to some Digg reader comments, affected users, after visiting the I is Stewpid
page, were presented with a misleading popup. It further appears that a
few were then directed to (DO NOT VISIT) imunizator.com. One Digg user mentioned as a possible cause "an .swf file from [again DO NOT VISIT] promoplexer.com." A third user said he/she was redirected to [DO NOT VISIT] antispywaredeluxe.com.
d. Shortly after we learned what was reported, we immediately contacted Google AdSense, a TheMishMash.com advertising provider, and requested assistance. We further blocked AdSense from displaying ads from imunizator.com, promoplexer.com and antispywaredeluxe.com. We do not, however, yet know whether any even advertise on AdSense.
e. The problem seemed to affect only visitors coming from Digg.com.
f. To our knowledge we have never approved pop-up advertising, whether through AdSense or otherwise, though we intend on Monday to verify that.
Obviously we have no idea at this point who, if anyone, or what, was to blame. It very well could have been something we did wrong; we just don't yet know.
The long and short of it? To the Digg users who were affected, we are sorry. To those readers with expertise and/or experience in these matters, help. Any suggestions, further information, clues, etc. is appreciated. Please contact us at mail@themishmash.com.
So, (1.) sorry, (2.) help, (3.) thanks in advance and (4.) fu@k spyware!
Dookie McBride
TheMishMash.com
The real problem is that digg has been hacked and probably not that themishmash has done anything wrong.
Digg has been having all sorts of problems lately. Today it crashed for three hours. People have been getting "Digg not submitted. Please reload the page and try again." Submissions are not going through, etc.
It sucks to see this site negatively affected, by something that it has very little control over.
Posted by: It was Digg & Not TheMishMash | April 07, 2008 at 05:19 PM
I got the pop-up, but I didn't find it through Digg, so I don't know if its Digg exactly...
Posted by: Katie | April 07, 2008 at 06:41 PM
#1) 9/10 this happens when users have the same piece of malware. It just seems like it's 'only Diggers' since there are so many people redirecting from there. It stands to reason that they have similar browsing habits as they frequent similar websites etc.
#2) Adsense probably isn't the culprit since they generate the code themselves NOT the advertiser and I can't imagine Google would want that kind of bad press getting out since advertising is how they make their money. But anything is possible I guess.
#3) It's possible Digg was hacked as well and a malicious script was put in, but I'm still guessing it's #1
Posted by: manny | April 08, 2008 at 06:45 AM