When does Google place a file as malware?
I have several Js files including jQuery on my site.
Google says:
The last time Google tested a site on this network was in 2013-02-14, and the last time suspicious content was found was in 2013-02-14.
Do you have any idea under what conditions Google can detect malware in Js files? Is there a problem with code or malware in the file?
source to share
Sorry for the vague answer, but without the details I can't be more specific. In general, there are certain patterns and code methods that are commonly used by malware to buffer overflows in browsers, giving an attacker control of the system. Javascript itself is simply used as a channel for the browser. Often times, Shellcode bytes are encoded in javascript for delivery to the user's unsuspecting browser. If you have passed encoded data via Javascript, this may seem suspicious to Google's heuristic mechanism.
It is also possible that you are using similar techniques for poisonous scripting (sometimes used for cross-site scripting (XSS) and site matching (CSRF)) to get some of your work done, which is a good way to tag Google.
Another possibility is that your site's code is fine, but it has a security hole that is of concern to Google, since an attacker could use your site. To determine this, I recommend using a web scanner such as Nikto, Burp Suite (my personal favorite), Acunetix, etc. try to find security holes.
You can also find a lot of interesting information on OWASP
Hope this helps as your Google-tagged site can cause a lot of frustration and anxiety. Good luck!
source to share
If Google claims that malicious (or suspicious) code has been found in your files, there is malicious or suspicious code in your files.
Sorry, but Google doesn't check for vulnerabilities - just bad code already existing on your site. Without knowing more about your website, operating system, software, etc., it is impossible to give you more information on how this happened.
If they find it in your .js files, you can have a document.write statement either at the very beginning or at the very end of those files. The problem is that even if you find and remove the infectious code, you still don't know how it happened. Without knowing it and taking steps to prevent it, he will return.
source to share