This time it's not Google, and we need some malware sleuths to take a look at this page.
Malware visits Scroogle.org
Google sucks Since June 24, 2010, www.scroogle.org has been visited by malware. This has nothing to do with Google itself, as none of these visits were passed to Google. This malware continues despite the shutdown of Scroogle, and our blocking continues because we would like to identify the source. After 11 days of this, we have blocks in place for 20,000 unique IPs from all over the world. This page is a summary of what we know about how this malware behaves.
It might be nearly impossible to identify the source of this malware. Our best guess is that a fairly popular website is infected by malware, and visitors to that site trigger the fetch to Scroogle from their own computer. We suspect that nothing is displayed at all, because we tried showing an alert page for a day, and then tried redirecting to a SWF file that played a sound for a day. Now we just redirect to a one-pixel GIF.
We don't think it is viral, and the visitor to the malware site might even have a clean computer. We are continuing to block as soon as we see this coming into Scroogle. At most, any particular IP address gets in only two quick hits before our nbbw.cgi program is able to place the block. However, even before we fine-tuned our blocking, we noticed that multiple hits from the same IP were the exception rather than the rule.
More at link.
Edited by Orange Blossom, 18 July 2010 - 06:53 PM.
Adjusted quote tag location. ~ OB