Google Blacklisting Jumps 150 Percent In Only Three Months

Google has been clamping down hard on malicious websites as blacklisting of the most popular domains jumped 150 percent between May and July, according to data from security vendor Zscaler.

From an average of 400 blacklisted sites in May, Google blocked access via its Safe Browsing service to over 1,000 in July, largely because they contained malicious code. Zscaler looked at the top 1 million sites based on number of visits according to ranking service Alexa.

Most websites were cleaned up within a few days, although the average number of days a site was blocked over the three months stood at seven. “Since most the blocked sites are legitimate sites with high traffic, they quickly get cleaned up and removed from the Google blacklist,” Zscaler said in a blog post.

“Small or big, popular or not, all websites are under attack. No domain can be fully trusted and you never know if attackers managed to breach the protections of the website that you’re currently on.”

Going down a Blackhole

Three quarters of sites blocked over the three month period contained a piece of malicious JavaScript, whilst 10 percent contained nasty Java applets. In the case of the JavaScript injections, the code was usually be linked to the Blackhole exploit kit.

“The Blackhole exploit kit is one of the most commonly-used threats used by cybercriminals to infect computers.  Some 28 percent of *all* web threats detected by Sophos are due to this exploit kit,” Graham Cluley, senior technology consultant at Sophos, told TechWeekEurope.

“In a nutshell, a malicious script on a webpage determines what software the victim is running and serves up all of the exploits they are vulnerable to – maximising the opportunities for infection.

“Typically this will be done to install a payload such as a backdoor Trojan horse giving a hacker remote access, or hijacking your computer into a botnet.”

Twitter was recently swamped with spam containing links  pointing to Russian web pages that ultimately attempted to infect Windows PCs using the Blackhole exploit kit.

In July, the developers behind the Blackhole exploit kit updated the framework with a module that can easily compromise computers systems using a month-old flaw in Java.

Are you a security guru? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

US Widening AI Lead Over China, Finds Stanford Report

US widening lead over China on AI development, as UK places third in Stanford index…

4 hours ago

Amazon To Pump Another $4bn Into AI Start-Up Anthropic

Amazon to invest a further $4bn into AI start-up Anthropic, doubling its investment as it…

5 hours ago

The Cost of Tech Skills

The demand for tech skills is surging, driving economic growth but revealing challenges. Financial costs,…

5 hours ago

Supreme Court Says Meta Must Face Multibillion-Dollar Fraud Lawsuit

US Supreme Court tosses Meta's appeal over Cambridge Analytica-linked investor lawsuit, meaning case must proceed

5 hours ago

Uber Seeks $10m Stake In Pony AI Via IPO

Uber reportedly seeks $10m stake in Chinese autonomous driving firm Pony AI via US IPO,…

6 hours ago

Apple Developing ‘LLM Siri’ AI For 2026

iPhone maker reportedly developing next-generation AI large language model for Siri for spring 2026 as…

6 hours ago