ProZ.com and Security
The ProZ.com site team takes its responsibility to protect the private data of site users very seriously. Should there be any incident involving a breach of security, details will be posted here.
ProZ.com ad server infected with malware
On November 20, 2012, at around 09:55 GMT, ProZ.com's dedicated ad server was infected with malware. That malware was active for about four hours, after which time ProZ.com's banner ads were turned off. The cause was determined to be known vulnerabilities in out-of-date versions of the ad server software. The ad server was reinstalled with the latest software, and brought back online.
Then, on December 3, 2012, the ad server was infected with malware again, between 11:55 and 13:08 GMT. The infected ad server was taken offline again--this time, permanently.
The direct effect of this malware is that a site user who visited a page with banner advertisements could have received content from, or could have been redirected to, a site other than ProZ.com. It is possible that this content could have been malicious. This caused alerts to be issued by some antivirus programs (such as Norton, Avast, and Kaspersky.)
Beyond redirects, there have not been any substantiated reports of service interruptions or other consequences from this malware. However, anyone who accessed ProZ.com during this time is strongly advised to run an anti-virus scan as soon as possible, even if no symptoms have been noticed. If you don't have anti-virus software, try the free Avast anti-virus (for Windows and Mac) and MalwareBytes anti-malware programs.
Frequently asked questions about this incident
Who was potentially affected?
Any user who viewed a ProZ.com page containing banner ads between 09:55 and 14:00 GMT on November 20, 2012, or between 11:55 and 13:08 GMT on December 3, 2012, could have been affected.
Email notification has been sent to users who appear to have viewed ads during this time.
What steps are being taken to ensure this doesn't happen again?
The ad server software that enabled this exploit has been taken offline permanently. ProZ.com will switch to Google's ad service (DFP Small Business).
What should I do if I may have been affected?
Users who may have been affected by this incident are highly advised to scan their computers for malicious software using a tool such as the free MalwareBytes anti-malware utility and/or the free Avast anti-virus program. If any malicious software is found, follow the utility's instructions to quarantine or remove it.
If you think you were affected by this incident, please notify ProZ.com staff by submitting a support request.
Has the problem been resolved?
Yes. The malware causing the redirect / loading of third-party content was found and removed.
Is the malware found at ProZ.com the type of thing that could have infected my computer?
What was found by ProZ.com would not have infected your machine. However, the possibility can not be ruled out that the site or sites users were being redirected to (or served content from) could have tried to install something worse than a redirect script. It might not even take any effort on the part of the user to become infected, especially if up-to-date anti-virus software were not being used.
What was the nature of the malware?
Some users running Norton anti-virus software received an alert about an attack it called "Exploit Toolkit Website 4". According to Symantec, this attack attempts to exploit various vulnerabilities, including those in outdated versions of Adobe Reader and Adobe Acrobat. See more information about this report from Symantec.
Other reports have indicated that the malware may have tried to run a Java application, possibly exploiting vulnerabilities on outdated versions of Java.
How can I protect myself from malware in general?
Keep your software up to date, and enable automatic updates when possible. Malware attacks are common against outdated versions of Java and Adobe products, for example. Install an anti-virus program and keep it up to date.
Could Mac users have been affected?
Possibly, though there have been no reports of Mac users affected by this issue.
Contrary to popular belief, Macs are not immune to malware. Mac users should make a point of keeping their software up to date just like Windows users should, and consider using an anti-virus program. (Avast and ClamXav make anti-virus software for Mac.)
I have a question not addressed here. Who should I talk to?
Please ask via ProZ.com's online support system. The support team is standing by to answer questions related to this incident. As questions come in, they will be added with their answers on this page.