App reviews, troubleshooting, and recommendations
I am receiving a lot of clients that are getting suspended due to Malicious software starting yesterday.
They seem to be using an app (which one I don't know yet) that is sourcing from asaplabs
Not sure if its anything to do with ASAPLab (different URL)
When checking several clients the subdomain URLs are all different such as
geo.s.asaplabs.
ym.s.asaplabs
Which redirects to an unrelated website URL.
I recommend a Shopify staff member look into this, as it is definitely a phishing attempt.
For anyone else reading this, please contact Shopify Support.
Solved! Go to the solution
This is an accepted solution.
There was an app on our store called Yandex that we weren't using but must have been installed a few years ago.
This morning it appeared to be inserting a line of code into the head that is redirecting some traffic to an asaplabs domain so I have deleted it.
I would recommend anybody else with the Yandex app do the same.
This is an accepted solution.
Hi everyone,
We were also having the same issue and contacted Shopify support. They were able to look in the backend of our store and told us the culprit was an app called "Geo Targeting - Notify pop-ups". We deleted it and the script from asaplabs was gone after that.
These were the details shared by the Shopify rep:
Since only Shopify can see the scripts of all apps installed I would suggest anyone facing this issue goes to the chat and ask for their assistance.
Hope this helps!
This is an accepted solution.
Go to one of your disapproved pages and type before the url "cache:"
That will show you the DATE of the page cache Google is ACTUALLY scanning. Our problem was the same, we removed the code but Google kept disapproving them saying the code was still there even though by manual review it was NOT. The issue is Google uses OLD CACHED pages with their fancy scanner thing on their end and the code will still be present from a couple weeks ago. It's just going to take time for Google to re-cache and check new versions of your website. It took us 2-3 very frustrating weeks. We reached out at least 5 times a day, made them aware of the cache issue, trying to get them to refresh things on their end... but we simply had to wait it out.
This is an accepted solution.
There was an app on our store called Yandex that we weren't using but must have been installed a few years ago.
This morning it appeared to be inserting a line of code into the head that is redirecting some traffic to an asaplabs domain so I have deleted it.
I would recommend anybody else with the Yandex app do the same.
Hi @EmmanuelFlossie ,
Did you find a resolution for your issues? Was it the Yandex app too? We don't have that app but we're seeing the same issues pop-up.
My Malwarebytes browser guard is popping up with an error, citing the asaplabs domain as an issue;
Shopify support are telling us to speak to Google ads (regarding ad disapprovals caused by their flag for 'malicious content') and saying Google are having a lot of 'false flags' at the moment - That doesn't really hold water though as my browser guard (which has nothing to do with Google) is flagging the clients site for containing a trojan!
Cheers!
Update: We found the culprit app for ours, it was pop up app used to notify international users of being on the wrong site. Doesn't seem like it was isolated to the Yandex app.
I have not looked into the clients account, I just found it very suspicious I got a lot of emails in one day about the same issue. Which signals a global issue.
When I first looked at it, the subdomain was geo, which I thought was related to a GEO app, but the second subdomain does not make sense.
It is entirely possible several apps have been hacked, not just one.
And yes, this is not a Google issue, I'm using bitdefender that is detecting the issue, which has nothing to do with Google.
And the URL itself is redirecting, which should not be the case if it was a real app.
Shopify needs to look at this deeper.
This is an accepted solution.
Hi everyone,
We were also having the same issue and contacted Shopify support. They were able to look in the backend of our store and told us the culprit was an app called "Geo Targeting - Notify pop-ups". We deleted it and the script from asaplabs was gone after that.
These were the details shared by the Shopify rep:
Since only Shopify can see the scripts of all apps installed I would suggest anyone facing this issue goes to the chat and ask for their assistance.
Hope this helps!
It looks like "Geo Targeting - Notify pop-ups" had the same developer (Simtech Development Ltd.) as the Yandex app that was causing us problems:
https://www.delightchat.io/apps/geo-targeting
https://www.delightchat.io/apps/yandex-metrica
There is one other app I've found a record of being developed by Simtech called "Custom JavaScript & jQuery" which I would assume also could be affected:
Thanks for the info @EvanG1.
We've removed the geotargeting app from the site now, and I'm no longer getting the flags from my browser guard. Unfortunately Google doesn't agree the issue is resolved and our ads are still suspended 😞
Great work @EvanG1
@James-Does-PPC Google unfortunately uses website caches to verify Malicious Software. Which means you need to wait until the cache in Google are cleared of the old plugin.
Yes this is annoying. Please note I am aware of this process only for Google Ads, I do not know if this is the same for Google Merchant Center.
You can check when a page is cache by adding cache: in front of your URL.
For example
Hey @EmmanuelFlossie,
Thanks for the insight - That's interesting to know.
Strangely, when I use the URL for the site in question the cache note gives a different site as a response..
If it helps with your merchant centre question, our product feed didn't go down at the same time. Only the text ads.
That might be from the app, because what I noticed was that the app redirects sites. Hence why you get a different cache.
Just double check you didn't use my website 😄
first navigate to your product landing page (any)
Then type cache:
Infront. If it does the same, than you need to wait a few days until the cache is back to normal.
Interesting, I wonder if that is where the app was redirecting to. I have scanned the site it was going to using a 3rd party tool and it came up clean.
Yes I did use our site, rather than yours (appreciate the check though, you never know!)
Any experience with how often the pages are crawled?
Crawl rates are increased or decreased by Google dependent on the volume of traffic you get. The more popular your website is, the higher the crawl rate.
But I don't know too much about crawl rates, so I recommend you have a look here: https://support.google.com/webmasters/answer/48620?hl=en
Thanks @EmmanuelFlossie ,
I've spoken with Google ads support and they have sent me a link report.
The report is from the crawl yesterday, and the links in the report don't contain the asaplabs URL (they mostly look very spammy).
I assume they are the ones dynamically being inserted by the compromised apps.
They have advised 3-4 days for a re-crawl, although I suspect this is a generic answer.
hey James, I have got the exact same issue. Deleted the yandex metrica app, even changed the theme but still being flagged by G ads. Did you find a way to resolve the issue?
@Armyan You need to wait until Google's Cache is cleared for all pages.
you can view the date of your cache of any page by pretending the word cache: in your browser address bar
I don't suppose resubmitting the sitemap can help to speed up the caching?
Does anyone know what the damage is in terms of potential breached data as a result of this allegedly malicious software?
You've solved!! So did weE Once we deleted it problem solved. Many thanks!!
Thank you for posting this. I spent 2 days trying to find a solution to this problem. My Google Search Console was showing me a lot of pages with soft 404 and it was growing every week.
Deleting "Geo Targeting - Notify pop-ups" did the trick for me. The app was disabled but still present. I remember disabling it because it was causing other problems for me.
Thanks again.
Hello all,
This issue has reared its head again for us today.
We're currently investigating the cause, perhaps more apps have been compromised.
We have also been battling with Google Ads since mid June 2022, malicious content and soft 404. We had the Yandex app installed and removed the app and also removed any scripting associated with it manually from the theme. Yandex and asaplabs and some related apps have been compromised. However, once we removed the code, Google still was denying our ads. Google on their end, needs to clear their cache! That's right. If you take an example page of your website that is being flagged, type in cache:https://xxyourwebsitelinkxx and take a look at the google cache date. The deleted code may still be present in their scanning and they HAVE to refresh their cache or they will still be detecting the code!
Looks like this may have been an error on our end, looks like one of the compromised apps was still on our US sub-domain.
What does this mean exactly?
@AdamSTM are you suspended from Google Ads due to Malicious Software?
Currently yes. We belive we fixed the issue on our end however google is also scanning cached website pages from may... any insight?
You need to wait until the cache is refreshed.
The last refresh was may... any way to have them push it through? Also in the reply from ShawnaSTM we have located at least 1 app for sure that is inserting the code.
Crawl rates are defined by website popularity, the more traffic you get, the higher your crawl rate is. Here is more info: https://support.google.com/webmasters/answer/48620?hl=en
Ok, well due to the redirects we got hit with soft 404s which in turn google unindexed most of our site. As of a few weeks ago we were the top results for almost every single keyword/Search term we were working with. So this is resulting in lower traffic which in turn means they will crawl our site slower? Talk about kicking someone while they are down.
We're having the same issue. Our google ads all got declined back at the beginning of June. We removed the offending app (in our case it was "Geo Targeting - Notify pop-ups") resubmitted the ads and the got approved. However, from 1st July the ads all got declined again and we just can not get them approved again. We've checked the code and all trace of the app has been removed....
Anyone had a solution to this?
This is an accepted solution.
Go to one of your disapproved pages and type before the url "cache:"
That will show you the DATE of the page cache Google is ACTUALLY scanning. Our problem was the same, we removed the code but Google kept disapproving them saying the code was still there even though by manual review it was NOT. The issue is Google uses OLD CACHED pages with their fancy scanner thing on their end and the code will still be present from a couple weeks ago. It's just going to take time for Google to re-cache and check new versions of your website. It took us 2-3 very frustrating weeks. We reached out at least 5 times a day, made them aware of the cache issue, trying to get them to refresh things on their end... but we simply had to wait it out.
As sad as @shawnastm experience is, this is the only way. The more traffic your website has, the faster the re-caching is. So merchants with not much traffic will have to wait longer.
Hi there
Firstly thanks for this, because it was doing my head in (354 pages all with Soft 404's!!) but thanks to this page I have solved the issue. I had the Geo Locator Pop Up app and even though it wasn't active (it was). Once I deleted it on the Apps page, I went back to Google Search Console and Voila!! Google could access the pages.
Starting a B2B store is a big undertaking that requires careful planning and execution. W...
By JasonH Sep 23, 2024By investing 30 minutes of your time, you can unlock the potential for increased sales,...
By Jacqui Sep 11, 2024We appreciate the diverse ways you participate in and engage with the Shopify Communi...
By JasonH Sep 9, 2024