How to report a malicious site to Google, Microsoft, Mozilla, etc. so that they will warn users

12

4

I completed a project a year ago. Now a few modification were needed.

While trying to test the site, there was an index.html file with a malicious script which had an iframe to another site's jar file. Kaspersky antivirus blocked it.

I browsed via ftp to find the file and I deleted it. I also disabled directory listing.

Maybe the ftp details of the site owner would have been hacked.

I want to report this site to Google, Microsoft, Mozilla, and other antivirus providers. How do I do that?

I hope kaspersky would have updated it in their database, but I still want to explicitly report this.

Here is the popup kaspersky showed:

Jayapal Chandran

Posted 2010-12-22T08:26:40.477

Reputation: 815

Question was closed 2015-07-02T04:28:29.820

1In addition to the steps I listed below for reporting the website in question, I would also make sure to change all FTP account passwords for your site, and if you're running any sort of CMS, update it to the later version in case a security vulnerability let attackers into your site. – nhinkle – 2010-12-22T09:04:39.153

Yes. we have requested our client to do that. – Jayapal Chandran – 2010-12-22T11:49:46.043

Answers

20

  • Report any malicious pages to Google on the Google malware reporting page. This data gets put into the Google SafeBrowsing Database, which both Google Chrome and Mozilla Firefox, as well as some other browsers, use to determine if a site is compromised.

  • Report spam or malware in Google search results using Google Webmaster Tools spam report.

  • Report any malicious pages to badwarebusters.org. Data from this organization is used by a variety of internet companies, including Google, PayPal, Mozilla, and MySpace. (badwarebusters.org shut down in Feb 2015)

  • Microsoft uses their own SmartScreen Filter to determine in IE if a page is compromised. You can report pages to them by clicking on the Safety menu under tools, and clicking on Report Unsafe Website.

  • Report phishing attempts to DynDNS PhishTank. Their database is used by many antivirus companies, browsers, and other software.

nhinkle

Posted 2010-12-22T08:26:40.477

Reputation: 35 057

badwarebusters.org shut down in February 2015. – Kevin Fegan – 2016-04-23T12:31:52.873

1

Another organisation, which for what I've heard is used by Google too, and hence will probably be synchronised with the other services: http://www.phishtank.com

– Arjan – 2010-12-29T12:47:47.593

@Arjan, thanks for the tip. I added phishtank to the list. – nhinkle – 2010-12-29T17:53:00.457

Nice answer, but I cannot upvote twice ;-) – Arjan – 2010-12-29T18:15:03.737

Asked: 2010-12-22T08:26:40.477

Viewed: 8 884 times

Active: 2016-04-23T12:35:08.247