Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Google Detected 760,000 Compromised Websites During One Year
#1
[Image: google-detected-760-000-compromised-webs...3140-3.png]
Yesterday, Google announced a new notification and remediation system for dealing with hijacked websites that were compromised to spread malware or scam users.
The new webmaster notification system was perfected during joint research with the University of California, Berkeley, which was also presented at last week's 25th International World Wide Web Conference.
Google says that the study analyzed 760,935 hijacking incidents from July 2014 to June 2015, as identified by the company's Safe Browsing and Search Quality features.
The company explains it used these security incidents to test and compare a new notification system that informed users their site was hacked.
Contacting webmasters via email yielded the best remediation rates
Google says that when webmasters added their domains to Google's Search Console and the company had the owner's email address on hand, webmasters cleaned out compromised websites in 75 percent of cases if contacted directly by email.
In cases where the webmaster's email was not on hand, relying solely on Safe Browsing alerts (browser-based warnings) yielded a much smaller remediation efficiency of only 54 percent.
When Google relied on search results warnings by adding the "This site may harm your computer" notification next to each search listing, only 43 percent of the compromised websites were cleaned.
Google says it achieved the best results when it also included remediation tips with its emails, which cut down clean-up time by 62 percent, usually within three days.
One in eight websites gets reinfected in the first month
Despite all the good intentions, Google's researchers also noted that 12 percent of the cleaned websites ended up getting compromised again in less than 30 days after being declared clean.
"To improve this process moving forward, we highlighted three paths: increasing the webmaster coverage of notifications, providing precise infection details, and equipping site operators with recovery tools or alerting webmasters to potential threats before they escalate to security breaches," Google noted.
Moving forward, Google plans to improve the communications and notifications sent to webmasters, primarily by adding early warnings for outdated software or for urging webmasters to introduce additional authentication systems when necessary.

[Image: google-detected-760-000-compromised-webs...3140-2.png]

source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google Chrome emergency update fixes 9th zero-day of the year tarekma7 0 600 12-05-2022 , 04:19 PM
Last Post: tarekma7
  119k Threats Per Minute Detected in 2020 Bjyda 0 724 02-24-2021 , 11:45 PM
Last Post: Bjyda
  Compromised Credentials Show That Abuse Happens in Multiple Phases Bjyda 0 941 02-17-2021 , 09:55 PM
Last Post: Bjyda
  Newly detected malware targets Kubernetes clusters for cryptocurrency mining Bjyda 0 912 02-04-2021 , 11:44 PM
Last Post: Bjyda
  See if your credentials have been compromised with this new data leak tool Bjyda 0 1,039 01-28-2021 , 10:20 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)