Insights and Research

Most Common Threats In Top Blacklisted Sites

The vast majority of the most popular blacklisted websites contain a piece of malicious JavaScript inline. These sites were mostly hijacked by attackers and the malicious code can usually be linked to the Blackhole exploit kit.
 
Malicious code found on top blacklisted sites
I was surprised to find malicious Java applets in second place, having been found on 10% of the blocked sites. Malicious iFRAMEs were the third most prevalent infection and generally resulted from  mass SQL injection attacks. Only 2% of the sites are trying to foil users into downloading a malicious piece of code through a fake AV, Flash or codec page.

The scam and spam sites are mostly survey scams (the-rewardline.com, station-awardz-central.com, channelrewardscenter.org, etc.) and work-from-home scams (financereports.co). These sites have been blocked by Google Safe Browsing for months.

Since most the blocked sites are legitimate sites with high traffic, they quickly get cleaned up and removed from the Google blacklist. While the average number of days a top-site is blocked by Google is 7 days, the graph below shows that the vast majority are blocked for only a few days:
 
 
The number of top-domains blacklisted, can vary considerably on a daily basis, but the trend is upward - from an average of 400 sites in May to more than 1,000 in July.
 
Number of top-websites blacklisted daily by Google

Here are the top-ranked websites blacklisted by Google since May 2012:
 
DomainAlexa rankCountry
blog.com681PT
fatakat.com699US
ziddu.com878GB
warez-bb.org1,029RU
vanguardngr.com1,528US
prlog.org1,555US
damnlol.com1,949US
arabseed.com2,002US
h33t.com2,213CA
geo.tv2,606GB

Small or big, popular or not, all websites are under attack. No domain can be fully trusted and you never know if attackers managed to breach the protections of the website that you're currently on.

Stay up to date with the latest digital transformation tips and news.

By clicking the submit button, you are agreeing to our privacy policy.