At first, it is a quite bad feeling. All pages of holbreich.de1 flow out of google index :(. According to Murphy’s Law that happened when I was at some seminar and therefore had not time for my personal page.

Google is kindly enough and tries to contact you in such case, when they about to throw your site out of the index because your site is malware infected. In such one unlucky case you get the Malware Notification. Normaly this Notification goes to following addresses of your domain.

  • abuse@
  • admin@
  • administrator@
  • contact@
  • info@
  • postmaster@
  • support@
  • webmaster@

Therefore you are good advised listening to at least one of them on your own domain.

The Malware Notification Mail points you to some affected URL’s (In my case there where two). Also the same information could be found in Google Webmaster Tools.

As next, you have to investigate the cause of this notification and clean your site. In best case you should find and fix the bug which was used for infiltration.

As you maybe remember my side was already attacked in the past, so I do not wounder as much that such a thing happen. Also in my case i did found the modifications on some post, where commented iframe with a linked to a bad site with and .php script was included. Maybe just some tracking or something like that. I wonder if such construct works still in any modern browser, but I’m not expert in such.

Root cause

Now i understand the source of the problem. I still do not exactly understand how it could it work in my case, but i seems to be the Trojan HTML/Crypted.Gen.

Dancho Danchev describes a similar case. Maybe someone can tell me how exactly it worked in my case.

However. Now I have the newest version of WordPress, the newest Version of Plug-Ins, and clean posts. I have notified Google through Google Webmaster Tools to check my site again. Hope they’ll do it in the nearest time.

P.S. Wordpress is not that secure as such popular platform should be… :(

  1. Former domain of this blog. ↩︎