Phys.Org Hacked, serving up malware? Google blocks site, but Bing doesn’t

Starting this morning, if you tried to access Phys.org from either Chrome or Firefox, you were greeted with:

Firefox also warned of Phys.org being an attack site and blocked access.

If you don’t know, then Phys.org is a “news portal [that] provides the latest news on science including: Physics, Space Science, Earth Science, Health and Medicine.” When I searched to contact Phys.org and notify the site, as well as ask about serving up malware, Google search also warned “this site may harm your computer.”

Yet a search for Phys.org with Bing did nothing at, no warnings to protect users.

When using Microsoft’s Internet Explorer, it also took me directly the site which acknowledges the brief hack.

Regarding malware warning: Phys.org has been briefly hacked today, but there is no threat to users. Google has been notified and will remove the warning in a few hours.

When I reached out to GFI, Dodi Glenn, product manager for GFI VIPRE Antivirus, told me, “Phys.org seems to be plagued with security problems. This time, their spokesperson acknowledged that they were breached, but no one was harmed. They also stated that Google should be removing their notification shortly.”

Indeed Phys.org has suffered from similar security problems such as last May when a PhysOrg spokesperson told ZDNet, “Our admins haven’t found any signs of badware on the site.”

However as of 1/16/13 at 1:17PM Eastern, StopBadware has PhysOrg blacklisted. 

In case you can’t read the text, it states “A red square () indicates the URL is currently blacklisted by StopBadware’s data providers.” Note the red square next to Phys.org .

Do you use HTTPS Everywhere? If not, then you really should. But if you happened to go to Flickr yesterday evening while using HTTPS Everywhere and Firefox, then you were greeted with “Untrusted Connection.”

While it was not the end of the world, or serving up malware, it was a bit irritating that Flickr had allowed its SSL security certificate to expire. Technical details stated, “secure.flickr.com users an invalid security certificate. The certificate expired on 1/15/2013 at 5:42 PM.” About 3,000 sites support HTTPS Everywhere, but Flickr is listed as “partial.”  

GFI’s Dodi Glenn told me:

With respect to Flickr.com, it appears they may not have renewed their certificate. However, there are times where certificates are revoked, which means the site may no longer be safe. It is important to update the Microsoft Root Certificates since it contains certification authorities that are trusted by Microsoft.”

For both of these scenarios, it is important to have an antivirus product that has URL filtering. In the event of a breach, the web filtering feature can block connectivity to these compromised sites.

Like this? Here’s more posts:

• Critical Infrastructure Malware Infections: From ICS-CERT report to SCADA Strangelove
• Police State starts in tiny Arkansas town
• IE fix easily broken; Espionage hacker gang has endless supply of zero-days
• Chrome, Firefox, IE to block fraudulent digital certificate
• Don’t faint: Microsoft applauds hacker for Windows RT jailbreaking attempt
• Oracle releases emergency Java patch; experts warn flaws may take 2 years to fix
• Valve’s Steam Box controllers may use biometrics and gaze tracking
• 20 Seconds to jailbreak Windows RT
• Intelligence report predicts IT in 2030, a world of cyborgs with Asia as top power
• Unpatched TRENDnet IP cameras still provide a real-time Peeping Tom paradise
• Meet Red October, the latest cyber-spy malware for digital espionage

Follow me on Twitter @PrivacyFanatic