Adwords campaign rejected. For Google Matomo javascript is a Malware

Update Aug 2020 by @matthieu - we have heard back from the Google Malvertising team and they have said they have “fixed some issues” on their end, and it seems the issue is FIXED.

If you still experience this issue from August 2020, please leave a reply here!

Original post:

I had prepared an adwords campaign but the campaign was rejected and the google assistance told me that “you need to remove the Matomo javascript as it is a malware”. Why?

"Your site has been blocked for violation of our “Malicious or unwanted software” policy, as our most recent scans have found malicious programs and strings on your site. In order to guarantee the safety of users, the publication of resources with content potentially harmful to its customers is not permitted.

For your convenience I send you the following list of malware detected by our systems, I invite you to analyze it together with your webmaster so as to be able to proceed with their removal independently:

/matomo.js"

3 Likes

Hi,

That’s quite something. Just to make sure that they aren’t correct, can you please make sure that the matomo.js file hasn’t been modified by some other software on the server (it isn’t completely impossible that some malware searched the server for .js files and appended something to all of them).

Can you paste here the content of your matomo.js so we can check if it’s been tampered with?

1 Like

Can I ask, how did this end for you? I am facing the same problem (with a multi-tenancy setup, so a lot of my clients suddenly have this identical problem). Google Ads claims malware and blocks all campaigns; Google Search Console claims all sites are safe.

I see no recently changed files, the generated HTML is clean, piwik.js itself also seems to be OK, and the file (or others) has not been recently changed or anything. Google can’t pinpoint the real malware or code found for me, except to point to piwik.js. I do load piwik.js from another domain, but on the same server.

I updated to 3.13.1 now, hoping this will help.

1 Like

Could you please share the link to the piwik.js file that they flagged as malware? This is most likely an error on their side, but we need to make sure, and follow up with them. There’s also always a small chance that something on the server/website was hacked and included some malicious code in random JS files including the matomo files. Contact us at: Contact the Piwik team - Analytics Platform - Matomo and we’ll help

Matthieu, Thank you very very much for your quick reply. I just mailed you some more info

1 Like

At this moment I am 99,9% sure my PIWIK/MATOMO install is clean as intended: no hack, no malware, no strange URLs. And I hope I can trust piwik to have no backdoors built in or something. I have used PIWIK since 2006, never had any problem, like it, love it… Google Search Console says all sites are safe, but Google Ads blocks every campaign. Google is enforcing their dictating position to ban all software other than Google Analytics.

“If you want to use our ads service, lose piwik.js from your site and it will be ok again”

I spent almost 3 days analyzing and comparing the scripts, seeking help, testing, searching through server logs, everything within my knowledge, just to be sure there really is no malware active.

Google’s reaction summed up: Dear Remco, I understand your frustration, but please talk to the hand…

Hello,

Here is a text we wrote to explain the situation and that piwik.js is not a malware:

Hello,

We are the creators of Matomo, the leading open source web analytics software used on 1 million websites, with privacy built-in.

One of our users has contacted us because Google has blocked their Google Ads campaign, claiming the “piwik.js” file is malware.

But this piwik.js is the JavaScript tracking client for Matomo Analytics.
The source code can be found here in its original form: https://github.com/matomo-org/matomo/blob/4.x-dev/js/piwik.js
This file has been deployed on the internet on 1 million websites without any problem, and it does not have any malware.
It is used to record the web analytics information from the website into the website’s owner’s Matomo system.
You can find the developer documentation at: https://developer.matomo.org/guides/tracking-javascript-guide
The piwik.js file is similar to the Google Analytics tracking file at: https://developers.google.com/analytics/devguides/collection/analyticsjs/how-analyticsjs-works

You can manually verify whether the piwik.js flagged as malware is different from our standard packaged (minified) piwik.js by comparing the file to the original (latest version) here: https://github.com/matomo-org/matomo/blob/4.x-dev/js/piwik.min.js

This has happened before where Google mistakenly flagged us as malware for no good reason.

→ Could you please immediately revert the malware claim on the piwik.js
and if you have otherwise any question or feedback about the file, please let us know?

Looking forward to hearing from you,
Matomo Team
You can reach out to the Matomo team at https://matomo.org/contact/

Could you share this text with them and let us know if that helps unblock the situation?

Thanks,

2 Likes
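The comparison the replies above ask for (has the deployed tracker file been changed, for instance by something appended to every .js file on the server?) can be scripted. This is an added example, not part of any post in the thread and not Matomo's own code; `compare_tracker` and the sample byte strings are hypothetical and constructed for illustration.

```python
import hashlib

def _norm(data: bytes) -> bytes:
    # Ignore CRLF/LF and trailing-whitespace changes from FTP or editor round trips.
    return data.replace(b"\r\n", b"\n").rstrip()

def compare_tracker(deployed: bytes, reference: bytes) -> dict:
    """Classify how a deployed tracker file differs from a known-good copy."""
    dep, ref = _norm(deployed), _norm(reference)
    result = {
        "deployed_sha256": hashlib.sha256(dep).hexdigest(),
        "reference_sha256": hashlib.sha256(ref).hexdigest(),
        "extra": b"",
    }
    if dep == ref:
        result["verdict"] = "identical"
    elif dep.startswith(ref):
        # Reference is intact and something follows it: the "appended to all
        # .js files" case. Return the tail so it can be read and explained.
        result["verdict"], result["extra"] = "appended", dep[len(ref):]
    elif dep.endswith(ref):
        result["verdict"], result["extra"] = "prepended", dep[:-len(ref)]
    else:
        # Changed in place: report where the two copies first diverge.
        common = min(len(dep), len(ref))
        result["verdict"] = "modified"
        result["first_diff_offset"] = next(
            (i for i in range(common) if dep[i] != ref[i]), common)
    return result

# Constructed stand-ins; real use reads both files with open(path, "rb").read().
REFERENCE = (b"/*! constructed stand-in for matomo.js */\n"
             b"(function(){window._paq=window._paq||[];})();\n")
CLEAN_CRLF = REFERENCE.replace(b"\n", b"\r\n")
APPENDED = REFERENCE + b";/* constructed stand-in for injected code */\n"
MODIFIED = REFERENCE.replace(b"_paq", b"_xaq", 1)

if __name__ == "__main__":
    for name, blob in [("crlf copy", CLEAN_CRLF), ("appended", APPENDED),
                       ("modified", MODIFIED)]:
        r = compare_tracker(blob, REFERENCE)
        print(name, r["verdict"], r["extra"], r.get("first_diff_offset"))
```

The reference bytes should come from a copy you trust, such as the file the thread links to; the two SHA-256 values in the result can be attached to a support request as evidence that the files match.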

Got two sites from clients whose ad campaigns were shut down because of Matomo code. As you pointed out… I’m also sure that Matomo code is clean, used it for years. Got the sites tested on several malware test sites, even the Search panel from Google says it’s clean. Sure it is a move from Google to ban all the competition… or maybe they do not want you to track the Google campaigns and discover other numbers than they give you?

1 Like

You are right! Not only the visitor’s privacy is in danger, but also fair market trading. You can’t re-check the visitors/CPC that Google provides & calculates. You can only hope that Google is really honest 🙂

1 Like

Totally unexpected, I received this morning a call from google ads, that my piwik install was claimed to be safe.

The reasons for further investigation were my massive contact moments 🙂 (calling / mailing / protesting), the results of my own investigation, and sending extra documentation.

Google promised to unblock the campaigns, but every ads account has to be evaluated separately.

The soap is not over… The ads account, that was whitelisted by google, is still approved. So I told my other customers, they can activate the piwik stats again.

I was wrong, now they are being blocked (except the only whitelisted account). All sites use the exact same piwik tracker / URL. So I can conclude that it is not my piwik installation that is whitelisted as safe, only the ads account…

================================

Update: Today, 20-feb-, the Google Ads employee confirmed that my piwik URL was safe, and whitelisted the other blocked customer. It was the same employee that took over the previous case, so explaining what kind of software piwik is was no problem… As I use a multi-tenancy setup, I requested to whitelist my piwik URL. Otherwise it will take us both a lot of time to whitelist every single account that uses my piwik setup.

Hope this will help anyone, who has the same kind of google ads blocking.

1 Like

My 2 sites were suspended “as malicious or unwanted software”; Google asks to remove the tracking code.

FYI: I use a fresh domain (never used before) for Matomo CMS, so I can guarantee it is safe from attackers.

but:

My 2 sites were suspended “as malicious or unwanted software”; Google asks to remove the tracking code.

Sorry to hear @IT_Comindo - please check our recommendations at Antivirus program or malware checker or Google Ads claim that matomo.js or piwik.js are malware, what can I do? FAQ - Analytics Platform - Matomo

Thought I’d add to this. We just had all of our Google Ads accounts shut down due to the piwik/matomo code being malicious. Been running it for years and never an issue until Saturday. Scanned all the servers, checked the code, everything is fine and nothing changed. Spoke with Google this morning and they confirmed it was the piwik.js file. I told them this is not malware. It is an analytics software like Google Analytics, just from a different company. They didn’t care. We had to remove it from our entire network of websites to get our accounts reconsidered for activation. We asked them to review the file to see if they’ll allow it and they’ll respond within 48 hours.

1 Like

Thanks @TonyR for the update. Sorry you have to experience this. Google is abusing their position here, never should they force you to remove your analytics tracking code from the site!

We will reach out to Google also from our end.

Is anyone else experiencing this issue? Any more information anyone has is appreciated.

Matthieu, it is unfortunate. We have (had) a deep integration into our systems where we queried the MySql database directly to generate custom reports/insights and automated analytics reporting via email. We have custom dashboards built into our software and everything.

We also received a slew of calls today from clients that were running their own ads with the same issues. We had the analytics deployed to about 200 websites. Luckily, the way our systems are developed, we were able to remove it in just a few minutes with a global update. If Google decides to allow it, we can restore it with a global update as well.

We had about 60 Google Ads accounts that have been disabled that we were managing (not counting the customers managing their own).

We have not yet had our Google Ads accounts re-activated. I will update this forum once I have more information. Waiting to hear back from their support on both the re-activations and whitelisting the piwik.js file.

1 Like

We have the same problem here: Google blocks our ads, they say that Matomo.js and Matomo.php were malware!

What can I do now?

That’s what they write us:
Unfortunately, my tool still shows that the website https://www.werbago.com/ is still infected with the following links, so the ads cannot be approved.

matomo.js
matomo.php

Unfortunately, the ads cannot be approved manually, because they would otherwise be rejected again immediately at the next automatic review. For this reason, it must be ensured that the website has been cleaned before the ads can be approved again.

Once you have successfully cleaned the website, please make sure that you make a few small changes to the ad texts again, so that the ads are automatically reviewed once more and, where applicable, approved.

If you have any further questions, we look forward to hearing from you.

I wish you a pleasant day.

For us the same here

@SH-WB
Thanks for reporting.

Please contact Google referring to Antivirus program or malware checker or Google Ads claim that matomo.js or piwik.js are malware, what can I do? FAQ - Analytics Platform - Matomo