Americas

  • United States

Asia

Oceania

Google Chrome issues warnings while blocking ESPN.com and major websites

Opinion
Feb 10, 20134 mins
Application SecurityCybercrime

On Saturday, February 9, 2013, I was watching Valparaiso play Cleveland State in college basketball, while checking on some sports scores. All of a sudden, a red box popped up from my Google Chrome browser which cut off the website and warned, “Danger: Malware Ahead!”

On Saturday, February 9, 2013, I was watching Valparaiso play Cleveland State in college basketball, while checking on some sports scores. All of a sudden, a red box popped up from my Google Chrome browser which cut off the website and warned, “Danger: Malware Ahead!”

Having never seen this message before, I was somewhat surprised, but also intrigued. Was this a mistake? Could ESPN.com really be infected with malware? What was really going on here?

 Those trying to reach major websites ranging from The Huffington Post to CNET and using Google’s Chrome browser may be getting blocked, as Chrome puts up a “Danger: Malware Ahead” warning.

I first noticed this last night, when I tried to reach an article at The Huffington Post, and got this warning screen: [same picture I received was here listing www.huffingtonpost.com ]

The warning said that content from Buddy TV, a “known malware distributor,” had been inserted into the Huffington Post site.

Oh dear. The culprit? A little box at the Huffington Post that pulled in headlines from the Buddy TV website, which Google yesterday considered to be malware. Today, that problem is gone.”

This posting occurred on February 4, 2013, but the implication was that all was fixed. Obviously, this is not the case, and many top tier websites are still having major problems with this.

A New Trend?

Sure, we have known for a while now that malware has spread from those deep, dark websites that enterprises and families are supposed to block to the mainline websites that everyone visits on a Saturday afternoon in mid-February. But ESPN.com? WOW!

I googled “ESPN Malware” and received this result, which does show that I am not the first person to experience this problem and write about it. Obviously, this issue goes back to at least 2011. The existence of the malware is not new, but Google’s Chrome browser now shines a new light on this trend.

Still, where does this end? Malware on mainline websites is becoming a really big deal, I think. Is this issue heading for a top story on Oprah or Good Morning America? If not, perhaps their websites will be next? Will it take someone losing $$s or perhaps filing a lawsuit for this story to go viral?    

Thank You Google!

  I have been critical of Google and Microsoft in the past; therefore, it is only right that I praise them for their recent actions. It seems that Google even blocked their own YouTube website yesterday. Here’s an excerpt from that article:

  “Chrome browser blocked users from multiple websites — including its own YouTube video site — Saturday due to suspected malware, mirroring a situation earlier in the week when ads served across the Web barred Chrome users.

Complaints on Twitter began appearing around 1 p.m. Pacific time Saturday, with users reporting varied sites — including MercuryNews.com, YouTube, NBC News, The Verge and several smaller destinations — returning a red Chrome malware warning….

Google did not immediately respond to an email request for comment Saturday, outside normal business hours, but said in response to Monday’s incident that it does not comment on individual malware cases….”

To give a little equal time, I can also point out that Microsoft and Symantec recently brought down a large botnet – so several security teams are doing good things. Security bloggers always talk about bad news and a lack of action, so this development is important to mention. Yes, the public will see this as bad news, but it is important to shine light in dark places. This is indeed progress for the security community at large.

My View: A new milestone

     It is clear to me that we’ve reached a new milestone in computer security. Hopefully, all websites will now take more dramatic steps to eliminate malware from their websites. I know this means the ads that they serve up and more must be free of malware, and this action will not be easy or cheap to maintain over time. No doubt, the bad guys will quickly change tactics once additional protections are put in place.

But when ESPN gets blocked by Chrome on a Saturday afternoon in February – change is a coming!

What are your thoughts?

dlohrmann

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan State Government. Dan was named: "CSO of the Year," "Public Official of the Year," and a Computerworld "Premier 100 IT Leader." Dan is the co-author of the Wiley book, “Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering From Inevitable Business Disruptions.” Dan Lohrmann joined Presidio in November 2021 as an advisory CISO supporting mainly public sector clients. He formerly served as the Chief Strategist and Chief Security Officer for Security Mentor, Inc. Dan started his career at the National Security Agency (NSA). He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US / UK military facility. Lohrmann is on the advisory board for four university information assurance (IA) programs, including Norwich University, University of Detroit Mercy (UDM), Valparaiso University and Walsh College. Earlier in his career he authored two books - Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Mr. Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

More from this author