Google Blacklisting Jumps 150 Percent In Only Three Months

Google has been clamping down hard on malicious websites as blacklisting of the most popular domains jumped 150 percent between May and July, according to data from security vendor Zscaler.

From an average of 400 blacklisted sites in May, Google blocked access via its Safe Browsing service to over 1,000 in July, largely because they contained malicious code. Zscaler looked at the top 1 million sites based on number of visits according to ranking service Alexa.

Most websites were cleaned up within a few days, although the average number of days a site was blocked over the three months stood at seven. “Since most the blocked sites are legitimate sites with high traffic, they quickly get cleaned up and removed from the Google blacklist,” Zscaler said in a blog post.

“Small or big, popular or not, all websites are under attack. No domain can be fully trusted and you never know if attackers managed to breach the protections of the website that you’re currently on.”

Going down a Blackhole

Three quarters of sites blocked over the three month period contained a piece of malicious JavaScript, whilst 10 percent contained nasty Java applets. In the case of the JavaScript injections, the code was usually be linked to the Blackhole exploit kit.

“The Blackhole exploit kit is one of the most commonly-used threats used by cybercriminals to infect computers.  Some 28 percent of *all* web threats detected by Sophos are due to this exploit kit,” Graham Cluley, senior technology consultant at Sophos, told TechWeekEurope.

“In a nutshell, a malicious script on a webpage determines what software the victim is running and serves up all of the exploits they are vulnerable to – maximising the opportunities for infection.

“Typically this will be done to install a payload such as a backdoor Trojan horse giving a hacker remote access, or hijacking your computer into a botnet.”

Twitter was recently swamped with spam containing links  pointing to Russian web pages that ultimately attempted to infect Windows PCs using the Blackhole exploit kit.

In July, the developers behind the Blackhole exploit kit updated the framework with a module that can easily compromise computers systems using a month-old flaw in Java.

Are you a security guru? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago