CBS Money Watch / ZDnet hacked and blacklisted by Google

We are getting reports that the CBS Money Watch and some ZDNet web sites are currently distributing malware and blacklisted by Google. We are still investigating it, but if you try to visit the CBS Money watch site (moneywatch.com), you will get a warning from Google:


What is the current listing status for moneywatch.bnet.com/investing?

Site is listed as suspicious – visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What is interesting is the web site being used to distribute the malware (zdnet.com – i.zdnet.com):

Of the 142 pages we tested on the site over the past 90 days, 76 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-04-19, and the last time suspicious content was found on this site was on 2011-04-19.

Malicious software includes 130 exploit(s).

Malicious software is hosted on 1 domain(s), including zdnet.com/.

If we check the diagnostic page for zdnet.com, it also says the following:

Has this site hosted malware?

Yes, this site has hosted malicious software over the past 90 days. It infected 5 domain(s), including bnet.com/, smartplanet.com/, findarticles.com/.

So something is definitely going on there. We will post more details as we investigate this issue.

Scan your website for free:
About David Dede

David Dede is a Security Researcher in the SucuriLabs group. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.