Why Google temporarily blocked Twitpic with a malware notice
Yesterday, Google marked Twitpic, the popular photo tweeting site, as a malware danger on its Chrome browser. They did not just block the site itself with a warning, but also blocked any Twitter account that contained a retweeted Twitpic-hosted photo.
In a tweet of its own, the South Carolina-based Twitpic said, “Working to fix the google chrome malware notice when visiting Twitpic.com as this is not true or the case, trying to contact google”
Shortly thereafter they added, “...we have also conducted a full audit of Twitpic.com and removed any party that could potentially cause this issue.”
Later Sunday they followed up with the announcement that Twitpic had been unblocked.
“We've heard from Google and they have removed the block. Access to Twitpic should be restored...”
Google’s Safe Browsing page for the site notes that the site itself is not a repository of malware, but rather constituted a distribution vehicle for outside viruses.
“This site is not currently listed as suspicious,” Google says. “(T)his site has not hosted malicious software over the past 90 days.”
However, of the 12592 pages Google tested on Twitpic in the past 90 days, 31 of them “resulted in malicious software being downloaded and installed without user consent.” This software includes 13 Trojans and four exploits, hosted on five domains, including mpchester.info, malatyuhr.com/ and iloveeu.info. Two domains “appear to be functioning as intermediaries for distributing malware to visitors of this site,” 2upmedia.com and adexcite.com.
Firefox and older versions of Internet Explorer were also affected, according to users, sometimes crashing when encountering the block.
Screenshot via Google Chrome/Twitpic.com