Today when making the final touches on a proposal for a potential client, I pulled up their site in Chrome, and before it completely loaded I received a malware warning. A malware warning in Chrome means that Google has detected that the website attempts to load malicious software. This kind of thing not only destroys your traffic but can also completely tank your search engine rankings. Google will have a bit of patience and give you a chance to clean up the problem, but if you don’t get to it quickly they will wipe your site from their index because they don’t want to send users to a website that will harm their computers.
Usually when this happens, your website is pulling compromised external data, or worse, has been hacked. The compromised external data could come from an embedded newsfeed or other embedded element that has some malicious code injected, or if you have a WordPress site, it could be a compromised plugin.
To solve the problem start removing external data sources and plugins until the offending website is not called when your page loads. The easiest way to monitor your progress is to use a Chrome extension called Speed Tracer which allows you to see all the connections your site makes when a page loads. Google tells you the offending URL in their malware warning so start cutting external data sources until that URL isn’t called in speed tracer. You can then add components or plugins back until you see the offending source mentioned again and you’ll know what has been compromised on your site so you can remove it until it’s cleaned up.
If your site has been hacked, you should see weird code when you view the source. Immediately change all of your login passwords and restore the site from a CLEAN backup. If you can’t get it resolved immediately, get a pro involved. Lost time is lost traffic and greater potential for a Google penalty.
