Websites you think are safe but have been compromised to distribute malicious software are far more prevalent than sites that are intentionally dangerous, according to a new Transparency Report from Google, released on Tuesday.
This map from the Google Transparency Report on Safe Browsing shows that only 2 per cent of sites hosted in the US contain malware.
(Screenshot by Seth Rosenblatt/CNET)
The new Safe Browsing section of the report reveals some of the security trends that Google has been seeing. While Google reiterated that its Safe Browsing program flags up to 10,000 sites per day, the report showed that hacked sites remain a major problem, with about 60 per cent hosting malware and 40 per cent being used for phishing attacks.
Dedicated attack sites numbered in the hundreds until late 2009, when they began to increase. Although they crested at the end of last year above 6000, that number has since dropped. As of 9 June 2013, Google reported the number of these malicious sites at 3891.
Dramatically worse is the problem of compromised sites; websites that are supposed to be legitimately safe, but that have in some way been hacked to infect visitors.
During the week of 9 June, Google tallied 39,247 hacked sites, down from a peak of more than 60,000 last July, and more than 76,000 as of June 2009.
Webmaster response time to fixing those compromised sites has accelerated remarkably, although it has been slowly trending worse in the past 18 months. Response time began to drop from more than 90 days in 2008 to a low of 12 days in May 2009. As of March 2013, the response time hovered at around 50 days.