• United States



Many blacklisted sites were hijacked, says Zscaler ThreatLabZ

May 15, 20121 min
CybercrimeData and Information Security

An interesting nugget of research from Zscaler suggests that many blacklisted sites were fine until someone hijacked them.

In an email, the cloud security company says senior security researcher Julien Sobrier ran a Google Safe Browsing blacklist against the top one million websites (based on number of visits, as reported by Alexa) and found that 621 of them were blacklisted. He took a closer look at the most popular among those to understand why they were blacklisted, and found that most of them were not malicious by nature, but had been hijacked — malicious JavaScript or iFrames being the general culprit.

“It is interesting to notice that Google decided to blacklist the infected site, rather than just blocking the external domain hosting the malicious content,” Sobrier wrote. He also broke down those blacklisted domains by country, finding that 46 percent are hosted in the U.S., while Europe (especially Germany, France and the Netherlands) is number two at 9 percent collectively, followed by China at 8 percent.

“No site is safe from hijacking,” Sobrier added. “Personal websites and top-10,000 sites are all likely to be infected at some point.”

Read Sobrier’s blog post on the subject here.