homepage Welcome to WebmasterWorld Guest from 174.129.76.87
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google AdSense
Forum Library, Charter, Moderators: incrediBILL & jatar k & martinibuster

Google AdSense Forum

This 50 message thread spans 2 pages: < < 50 ( 1 [2]     
Adsense by a hacker?
morpheus83

10+ Year Member



 
Msg#: 8005 posted 9:11 am on Jul 20, 2005 (gmt 0)

Was browsing through my site and noticed a 300 x 250 adsense box at the bottom of the page Which I had not inserted. The publisher code was not mine. When I refreshed the page the ad was gone. This has happened thrice now it seems someone has managed to hack my site and inserted the code or can it be spyware? What action can I take? Report the publisher id to google.

 

ann

WebmasterWorld Senior Member ann us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 8005 posted 10:48 am on Jul 21, 2005 (gmt 0)

I use this script also but I got it several years ago and it does not have any of that in it....must have new and/or greedy owners.

Ann

Freedom

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 8005 posted 11:44 am on Jul 21, 2005 (gmt 0)

For ZoneMR

Google Program Policies:

A site or third party cannot display our ads, search box, or search results as a result of the actions of any software application such as a toolbar.

Very similar in the case of the Refer a Friend script.

You should also read Jenstar's recent thread breaking down the new policy changes on July 15:

In addition, You agree that while You may display more than one (1) Ad Unit on each Site Web page, You shall not display any Ad Unit on a page that contains Ads associated with another Google AdSense customer (e.g., Your Web hosting company), unless authorized to do so by Googleor such other AdSense customer, if authorized.

Jenstar Summary: This helps clarify the section of the terms that has been confusing, and gives AdSense the ultimate control over where ads by more than one publisher appear on the same page during a single page view. Previously, as long as you had permission of the other publisher whose ad unit(s) also appeared on the same page at the same time, you were permitted to do it. This change now means that you must seek Google's approval before two publisher's ad units can be placed on the same page together during the same page view

[webmasterworld.com...]


EVOrange

10+ Year Member



 
Msg#: 8005 posted 1:20 pm on Jul 21, 2005 (gmt 0)

morpheus, just to clarify.

You used a script on your site for some function that you got from another website and in the code, they are able to insert their AdSense ads on your site?
Is that correct?

EVO

frox

5+ Year Member



 
Msg#: 8005 posted 2:54 pm on Jul 21, 2005 (gmt 0)

EVO, the interestng bit is the following.

<script src="http://xyz.com/s/?ID=3123&SL=http://www.xyz.com/images/announce.gif">

That is, it looked like a normal image but, being loaded in a <SCRIPT> tag, it could also contain a script.

Usualliy (as in adsense) this line looks like this:
<script ... src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

That is, you immediately see that you are loading a javascript.

The .gif extension, in this case, was misleading, as one would assume to be loading just a gif.

I guess that what was happening was the following:
1) you load a file called "announce.gif"
2) regardless of its name the file is not a GIF, it's a javascript
3) this javascript displays an image, then proceed to do something else (such as displaying ads)

the result is that the user sees the filename announce.gif, sees an image in the browser and very easily does not really realize that a script is being executed within its page.

This is a form of "cross site scripting" and is generally VERY dangerous, you should never allow javascript from someone else to be run into your page, as it gets in the security environment of your page.

Just for an example, if your site www.good site.com stores the password in a cookie, usually this cookie is not visible to other sites.

But, if in your page you do <script src="www.bad site.com/script.js"> then you load the "script.js" in your site. This script can now see the cookie of www.good site.com and if needed send it to the bad guys at www.bad site.com

So, importing a script from a site you don't have control is always a way of lowering your defenses.

This includes the scripts you load from Adsense, of cource, but in this case there is all another degree of reliability..

morpheus83

10+ Year Member



 
Msg#: 8005 posted 4:16 pm on Jul 21, 2005 (gmt 0)

morpheus, just to clarify.
You used a script on your site for some function that you got from another website and in the code, they are able to insert their AdSense ads on your site?
Is that correct?

EVO

------------------¦¦-----------------
Yes the script was a Email to friend script. It was working fine when I added it to my site. However a couple of weeks later I got an email to add the new code. But I did not do it. So the link disappeared and there was nothing displayed. A week back this adsense fiasco started.

incrediBILL

WebmasterWorld Administrator incredibill us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 8005 posted 7:07 pm on Jul 21, 2005 (gmt 0)

BTW, just in case you've not noticed a bunch of GIF/JPG image ads these days are actually crafted to LOOK like an AdSense ad, but it's just an image that has text on it.

Maybe this is what you saw?

frox

5+ Year Member



 
Msg#: 8005 posted 8:25 pm on Jul 21, 2005 (gmt 0)


Maybe this is what you saw?

He was speaking of the publisher code inside the javascript...

morpheus83

10+ Year Member



 
Msg#: 8005 posted 2:37 am on Jul 22, 2005 (gmt 0)

It was not an image made to look like adsense ad. It was an adsense ad as in the script <script src="http://xyz.com/s/?ID=3123&SL=http://www.xyz.com/images/announce.gif"> the announce.gif was pointed to my website it was an email to friend image. [wwWebmasterWorldebsite.com...]

Jenstar

WebmasterWorld Senior Member jenstar us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 8005 posted 2:46 am on Jul 22, 2005 (gmt 0)

I investigated it too, and it was definitely a third party using a javascript to insert AdSense into webpages they did not own without permission. The site that offered the script apparently changed hands recently, and it was switched to running this rogue AdSense on others sites who had left the script online.

It was set to only show the ad once every two days, so it could have been easily missed by webmasters, especially since these kind of scripts are often placed below the fold.

AdSense is aware of the situation.

And technically, any third party javascript you place on your site could do this.

billhunter

5+ Year Member



 
Msg#: 8005 posted 8:44 pm on Jul 22, 2005 (gmt 0)

It might be the problem of your ISP's DNS.

AdSenseAdvisor

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 8005 posted 9:14 pm on Jul 22, 2005 (gmt 0)

Hi all -

Thanks for the information posted on this thread. We've worked to resolve the issue, and you should no longer see Google ads from this network appearing on your sites. Apologies for any confusion or inconvenience and thanks again for helping us identify the problem.

-ASA

too much information

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 8005 posted 8:56 pm on Jul 26, 2005 (gmt 0)

Sorry to bring this one up again, but I had my site hacked this weekend. They used a security flaw in my Drupal setup and created their own index.html file with their adsense code on it.

I think I have all of the holes plugged now, and I did send the publisher ID on to Google so hopefully something good will come of this.

Is there any way to use the publisher ID to search for other sites that show this person's ads? I would really like to know more about my hacker.

jomaxx

WebmasterWorld Senior Member jomaxx us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 8005 posted 9:53 pm on Jul 26, 2005 (gmt 0)

ASA, since you're speaking in the past tense I assume the ads are now gone.

The other day I came across what I think is the exact same thing happening on another site. I assumed it was this same network, but Google ads are still showing as of now. They are actually superimposed over the website's content. I will sticky you the details and you can handle it as you see fit.

morpheus83

10+ Year Member



 
Msg#: 8005 posted 8:21 am on Aug 3, 2005 (gmt 0)

The publisher is banned. :-)

Freedom

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 8005 posted 8:58 am on Aug 3, 2005 (gmt 0)

How do you know this morpheus?

morpheus83

10+ Year Member



 
Msg#: 8005 posted 9:36 am on Aug 3, 2005 (gmt 0)

Jenstar has posted on her blog.

Freedom

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 8005 posted 9:42 am on Aug 3, 2005 (gmt 0)

Really, I need to start reading her blog.

invisible

10+ Year Member



 
Msg#: 8005 posted 10:33 am on Aug 3, 2005 (gmt 0)

I just received an email from Adsense support saying that -

We found that you're displaying Google ads on pages ("Stupid Porn Name.com") that include profanity in the site URL or content of an adult or mature nature. AdSense publishers are not permitted to place AdSense ads on pages with such content. As a result, we have disabled ad serving to these pages.

I have absolutley nothing to do with the site and know nothing about it.

I then receive an email from my hosting company saying that my server has been Hacked. I have a dedicated server with one of the biggest companies.

I presume this is something similar to this post. But the hackers must be using my publisher ID for Google to associate it to my account.

What's up? How do I stop this?

Thanks

vincevincevince

WebmasterWorld Senior Member vincevincevince us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 8005 posted 10:38 am on Aug 3, 2005 (gmt 0)

It's not necessary to hack your server to get your publisher ID - they can just view your page source!

Maybe it's a competitor trying to get you kicked out from adense. Made or picked up for peanuts a 3rd rate porn site and stuck your adsense all over it, waited a couple of days and reported it as adsense abuse.

Luckily for you Google only trimmed those pages, but I should definately email them to let them know that it wasn't you who place the ads there. Next time it happens it will be a pattern and you mightn't be so lucky.

morpheus83

10+ Year Member



 
Msg#: 8005 posted 10:57 am on Aug 3, 2005 (gmt 0)

Search on whois for that site and email to adsense saying the site does not belong to you. I am sure this must have been done by a competitor.

This 50 message thread spans 2 pages: < < 50 ( 1 [2]
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Google / Google AdSense
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved