Google: Hacked sites far worse than attack sites
The new Safe Browsing section of Google's Transparency Report shows that you face a significantly bigger threat from compromised legit sites than intentionally dangerous sites.
Web sites you think are safe but have been compromised to distribute malicious software are far more prevalent than sites that are intentionally dangerous, according to a new Transparency Report from Google released on Tuesday.
The new Safe Browsing section of the report reveals some of the security trends that Google has been seeing. While Google reiterated that its Safe Browsing program flags up to 10,000 sites a day, the report showed that hacked sites remain a major problem -- with about 60 percent hosting malware and 40 percent being used for phishing attacks.
Dedicated attack sites numbered in the hundreds until late 2009, when they began to increase. They crested at the end of last year above 6,000, but that number has since dropped. As of June 9, 2013, Google reports the number of these malicious sites at 3,891.
Dramatically worse is the problem of compromised sites, Web sites that are supposed to be legitimately safe but that have been hacked to infect visitors.
During the week of June 9, Google tallied 39,247 hacked sites, down from more than 60,000 last July and more than 76,000 in June 2009.
Webmaster response time to fixing those compromised sites has accelerated remarkably, although it has been slowly getting worse over past 18 months. Response time began to drop from more than 90 days in 2008 to a low of 12 days in May 2009. As of March 2013, the response time hovered around 50 days.
The full Google Transparency Report on Safe Browsing can be read here.