Last week Mayank had reviewed the latest security tool for Firefox- Finjan. He had mentioned that Finjan was showing 3 of the top 100 technorati blogs as malicious. Finjan scans the websites in real time and tells you if the site is safe or not. Mayank alerted me saying that my blog was also showing as malicious due to some script running on my blog.

I installed the plugin for Firefox and did a Google search for my blog. I could see that Finjan was showing it as malicious. When I clicked the information link, it showed me this information- “Potentially malicious behavior was detected on this page”.

This was the information that was being displayed and there is no detailed description on which script is showing as malicious. So I took the source code of my blog and started scanning to find out all the scripts. Many scripts were installed for plugins and I temporarily disabled all the plugins. But still it was showing the same error. Now only 4 scripts were left out, one was the Alexa widget, second one Sitemeter, one from Bluehost and finally the affiliate script from TextlinkAds. I concluded that Sitemeter and Alexa would not be malicious as they are used by many other blogs also.

I removed Bluehost script and TLA script one by one and checked which was showing the malicious code. Finally after removing the TLA script, Finjan was showing my blog as safe. TLA had recently updated their scripts and affiliate urls and I think this issue happened after this update.

If anyone has updated with the latest TLA’s affiliate script and the blog is showing malicious code, please do let me know. I have not contacted TLA, but planning to write a mail to them indicating the same.

Share & Enjoy