Over 760,000 Compromised Sites Detected by Google in One Year

The sources of malware infiltrations are vast. According to Symantec, nearly one million new malware threats are released each day. A significant portion of that malware comes from legitimate sites that have been compromised. So, it is no wonder that over 760,000 new compromised sites were detected by Google in a year's time as stated by Google in a recent web notification.

This week, Google made an announcement in an attempt to address those dealing with hijacked websites that were compromised for the purpose of spreading malware. In the notification, Google revealed that in their recent web study they observed over 760,000 hijacking cases from July 2014 to June 2015 identified by their Safe Browsing and Search Quality features.

The task of rolling out a new notification system has also divulged what Google has discovered in their quest to make the Internet better. Forming a close link between webmasters and Google's Search Console is key to alerting those that they may have a site that was compromised by a hacker or cybercrook looking to spread malware to site visitors.

At one time Google relied on search results warnings where users would see a "This site may harm your computer" notification next to search listings. During this period, only 43% of compromised sites were cleaned. To improve upon those results, Google was able to get better results by including remediation tips with its emails, which were received by many webmasters and led to cutting down the clean-up time by 62% during a three-day period.

Digging deeper into sites that were once compromised, Google found that about 12% of them become infected again within a 30 day period after getting cleaned. Apparently, from those results, hackers and cybercrooks like to repeat their attack on sites that were once compromised where they may potentially be attacking a weakness that was not addressed by the webmaster. There have been countless sites that utilize software, such as CMS apps like WordPress and others, to run their site. Such software has come under attack by hackers where many different vulnerabilities are exploited, which allows attackers to access those sites and infiltrate them with malware that is later spread to site visitors.

To combat the astonishing rate of which sites are being compromised, and the astounding volume of malware spread each day from such sites, Google plans on improving their communication with webmasters. To do this, Google will add early warnings for outdated software. Additionally, webmasters will be pressed to introduce additional authentication systems and methods when needed.

In the past webmasters relied on their own judgements and site visitors or customers alerting them to issues on their site. Now, with Google's help, webmasters will be alerted not only through their webmaster console, but through an open line of communication that Google sets forth.

Security breaches and compromised sites is an increasing problem, and most of the attacks can be solved with simple communication from Google in identifying these issues on the fly with most websites.