"Smartnewtab" Malware listed as "Clicked On" in Stats?
-
When checking my Stats today, one of the clicks on my Blog was listed as “Smartnewtab”, which my subsequent googling says is some kind of Malware.
As I haven’t added any link like this, I’m assuming it’s embedded in one of the pop-up ads that WordPress adds to my blog. If so I figured somebody ought to do something about that.
Has anybody else experienced this?
The blog I need help with is: (visible only to logged in users)
-
Seriously… anybody?
I’m basically worried that somehow visitors to my blog might start getting affected by this. Not the experience I’d like for potential new readers.
-
Hi @mistressneko, I’d recommend blocking them, as they’re just trying to get you to visit their site by appearing in your stats. Here’s how:
-
Maybe I wasn’t clear. It’s not a referrer… that’s not where I found it.
It’s listed in the “Clicks” on links recorded for visitors to the blog along with all the things like media embeds and such. You know… they look at one of my pictures, it records as a “click”… or they click on a link to a friend’s blog post and I get a “click”. According to my stats page the link is originating somewhere on my blog not from outside. I’ve searched for the link but can’t find it so I’m assuming it’s in one of the pop-up ads that WordPress themselves is serving to my blog since those also show up when someone visiting clicks on one. I might be wrong, but this is my best guess as to what’s happening.
If that’s the case, then you need to check those ads to see what these parties are giving you to pass along to us.
-
Hi there @mistressneko, to the best of my knowledge, WordPressdotcom does not use any kind of PopUp advertising on our sites. If you see the words “About these ads” next to or above the ad, that is the indication that the ad originates with WordPressdotcom.
My thought is that one of your visitor’s computer may be already be infected with this malware before they visited your site and that is what generated the “click,” but will be glad to learn what Staff have to say on the subject.
Thanks for your patience while they get back to you.
-
@misstressneko
I can confirm what @justjennifer said, namely that we don’t place any pop-up ads on WordPress.com whatsoever. If you, or any visitor to your site, are seeing pop-up ads they are being caused by malware on your device, most likely a browser extension that was installed when you installed a different piece of software.
Smartnewtab specifically is a piece of malware that can cause pop-up ads on any website you visit if you have that malware on your computer.
I found this guide online on how to remove it:
How To Remove Smartnewtab.com Redirect (Virus Removal Guide)
If you are seeing the pop-ups, please follow that guide to remove the malware from your computer.
-
Actually, I’ve never seen any of the ads run on WordPress at all… they aren’t visible to me at all when I’m logged in so I’m speculating as to what form they take. I’m not actually seeing any of these ads on my system and I’m clean… that was merely a guess as to the origin of the “click” recorded by my stats. I’ve already checked my system in case I was infected. Nope, nothing.
The visitor, whoever it was, clicked on the link served up to his browser from WordPress along with my site you host on your servers when he visited with his own system. No direct interaction with me or my computer. So it came to them from you.
Here’s the link itself… with http redacted… smartnewtab.com/watch?key=0cdb16b7667982280fbb05007a35eb39. It looks like some kind of video link if that helps.
This is the only instance of this I have encountered. Perhaps I’m incorrect as to it’s source, but it’s definitely originating on your end.
-
Just a thought…. if the visitor’s system itself was already infected with the Malware when he viewed my blog, would Pop-up ads he sees be recorded as “clicks” by WordPress as having originated on the page he was viewing?
I could be reaching here, but could this explain why this happened?
-
The visitor, whoever it was, clicked on the link served up to his browser from WordPress along with my site you host on your servers when he visited with his own system. No direct interaction with me or my computer. So it came to them from you
That means the visitor has the malware on THEIR computer. It’s showing in your stats because the way this malware works is to load the pop-up ads as part of any website that is opened on the infected browser. Because it injects the ad into your website’s existing code, our stats tracking sees that link as part of your site at the moment your site loads, and thus the click is recorded in your stats.
Just a thought…. if the visitor’s system itself was already infected with the Malware when he viewed my blog, would Pop-up ads he sees be recorded as “clicks” by WordPress as having originated on the page he was viewing?
Exactly :) I was busy typing the reply above when your next reply appeared. As such, I’m afraid there’s nothing we can do to prevent it from our side.
Something you could do, if you wanted to, is publish a post mentioning you saw this, and providing the instructions to remove the malware so your followers can see it. But ultimately the person with the infected computer will need to take action.
Rest assured, however, that this poses no danger to your site. Your site, and other computers viewing your site can’t be infected by this malware. I’d advise against clicking that link in your stats again, though :)
-
Ahhhh…. thanks for the explanation. This was bugging me big time. I’ll definitely do some kind of warning post about Malware soon.
Nice to get a peek into how things actually work, code wise. You learn something new everyday.
Thanks for listening to my paranoid ramblings and sticking with me. :)
-
- The topic ‘"Smartnewtab" Malware listed as "Clicked On" in Stats?’ is closed to new replies.
WordPress.com Forums 