A note regarding Malware warning on ChillNite.com
2 days back Google identified that few of our pages on chillnite.com were infected with malware, and accordingly started displaying warning messages to visitors of chillnite.com
At this point we’d like to stress that we never host malware or any programs on our site that would infect our visitors computers.
As soon as Google identified the infected pages, we’re also notified and started thorough checking of all the files on chillnite.com During our investigation we’re able to identify the the suspect pages and quarantined them accordingly. What happened was that one of our key files that we use [timthumb.php] which generates thumbnails on our site automatically for all the posts, was outdated. And there was a vulnerability in the older version of this file, which was exploited to install a redirect header in one of our template files. Although all our pages are secured, but due to a recent migration of our site across from our old provider to our new provider, the permissions on one of the file was altered, making it vulnerable to the exploit.
Since then we have been scanning all the files extensively for any traces of exploits, and we have also hired World class 3rd party security checkers for our site, Sucuri Security, who are now monitoring our site 24 hours a day for any such untoward incidents. As I write this post, Sucuri Security’s team is checking thoroughly our servers for any traces of vulnerable pages. We’ve already notified Google for a review of our site again so that they will remove the warning page for our site but this might take upto 48 hours.
Meanwhile I would like to apologise to our visitors for this incident, again re-iterate that, we do not host any malware or viruses on our site.