“undefined” randomly appended in 1% of requested urls on my website since 12 june 2012

Question

Since 12 june 2012 11:20 TU, I see very weirds errors in my varnish/apache logs.

Sometimes, when an user has requested one page, several seconds later I see a simila

Answer 1

Based on this post, I reverse-engineered the "Complitly" Chrome Plugin/malware, and found that this extension is injecting an "improved autocomplete" feature that was throwing "undefined" requests at every site that has a input text field with NAME or ID of "search", "q" and many others.

I found also that the enable.js file (one of complitly files) were checking a global variable called "suggestmeyes_loaded" to see if it's already loaded (like a Singleton). So, setting this variable to false disables the plugin.

To disable the malware and stop "undefined" requests, apply this to every page with a search field on your site:

This malware also redirects your users to a "searchcompletion.com" site, sometimes showing competitors ADS. So, it should be taken seriously.