Google has been clamping down hard on malicious websites as blacklisting of the most popular domains jumped 150 percent between May and July, according to data from security vendor Zscaler.
From an average of 400 blacklisted sites in May, Google blocked access via its Safe Browsing service to over 1,000 in July, largely because they contained malicious code. Zscaler looked at the top 1 million sites based on number of visits according to ranking service Alexa.
Most websites were cleaned up within a few days, although the average number of days a site was blocked over the three months stood at seven. “Since most the blocked sites are legitimate sites with high traffic, they quickly get cleaned up and removed from the Google blacklist,” Zscaler said in a blog post.
Three quarters of sites blocked over the three month period contained a piece of malicious JavaScript, whilst 10 percent contained nasty Java applets. In the case of the JavaScript injections, the code was usually be linked to the Blackhole exploit kit.
“The Blackhole exploit kit is one of the most commonly-used threats used by cybercriminals to infect computers. Some 28 percent of *all* web threats detected by Sophos are due to this exploit kit,” Graham Cluley, senior technology consultant at Sophos, told TechWeekEurope.
“In a nutshell, a malicious script on a webpage determines what software the victim is running and serves up all of the exploits they are vulnerable to – maximising the opportunities for infection.
“Typically this will be done to install a payload such as a backdoor Trojan horse giving a hacker remote access, or hijacking your computer into a botnet.”
Twitter was recently swamped with spam containing links pointing to Russian web pages that ultimately attempted to infect Windows PCs using the Blackhole exploit kit.
In July, the developers behind the Blackhole exploit kit updated the framework with a module that can easily compromise computers systems using a month-old flaw in Java.
Are you a security guru? Try our quiz!
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…