Over 10% of Alexa TOP Million Websites Found Not Safe – Infographic Report

We scan a lot of websites per day. Through our daily work we see all sizes and types of websites compromised, blacklisted, and filled with various security issues. But, we don’t often aggregate the results to provide a public report of what we are seeing.

So last month, we decided to do just that. We decided to scan the most popular websites on the internet to see how bad, or good, they are in terms of web security.

Our testing was very simple. We chose the top 1 million sites (according to Alexa), and checked the sites for those 4 issues:

  • Is the site Blacklisted? Sites were checked on Google, Norton, McAfee, ESET and Sucuri Labs.
  • Is the site infected with hidden SPAM?
  • Is the site infected with malware like drive-by-downloads, exploit kits, and similar issues?
  • Is the site running outdated software?

If the site passed those 4 tests, it would be considered safe for our testing purposes. Let’s see how the sites did.


Read More

Alexa TOP 100k Sites – The Malware Blues

How big do you think the web-based malware problem is? How many sites do you think were hacked and/or infected with malware in the last 6 months? How many of those got blacklisted by Google?

The numbers could have been better for the Alexa Top 100K Sites. This problem extends well beyond the Alexa top site listings, but we wanted to put into perspective that this is a widely spread problem affecting even the most popular of sites.

Just in the last 6 months, more than 1% of the top 1 million sites (according to Alexa) were blacklisted by Google. That’s a total of 10,494 sites.

The thing to consider here is that Google has had accuracy problems in the detecting malware arena (also with blackhat seo spam detection), so there’s a great chance that the total numbers are in fact higher than being reported here.

Read More

Alexa top sites – Blacklist for January/2011

Every month we analyze Alexa’s TOP 1 million site ranking and correlate that data with Google’s blacklist. Our goal is to get an overall view of the sites that are getting hacked, blacklisted, etc.

For Jan-2011, the number is pretty standard, but a little bit lower than previous months. Out of those top 1 million sites, around 1.4k had their main domain blacklisted (1,447 to be more exact). Compared to previous months, you can see a decline in there (2.1k in Dec, 2.5k in Nov, 3k and Oct, etc).

Why the decline? I would hope that it would be related to a safer Internet and people taking security more seriously, but based on the latest malware we have been analyzing, it seems that they are able to hide from Google pretty well (by not displaying the malware to Google’s IP addresses or to their user agents, etc).

These are the top 100 sites that were flagged and their respective ranking (You can get the full list here):

Read More

Alexa top sites – Blacklist for December/2010

Every month we analyze Alexa’s TOP 1 million site ranking and correlate that data with Google’s blacklist. Our goal is to get an overall view of the sites that are getting hacked, blacklisted, etc.

For Dec-2010, the number is pretty standard, but a little bit lower than previous months. Out of those top 1 million sites, around 2100 had their main domain blacklisted (2,099 to be more exact), a bitt lower than the roughly 2500 in November, and 3k on October. Out of the top 100k, more than 257 were blacklisted by Google.

Over time, only 636 sites that were blacklisted in previous months remain blacklisted, and in the TOP 1 million ranking.

Here are the top 100 sites that were flagged and their respective ranking (You can get the full list here):

Read More

Alexa top sites – Blacklist for November

Every month we analyze Alexa’s TOP 1 million site ranking and correlate that data with Google’s blacklist. Our goal is to get an overall view of the sites that are getting hacked, blacklisted, etc.

For Nov-2010, the number is pretty standard, but a little bit bellow from previous months. Out of those top 1 million sites, around 2.2 thousand got their main domain blacklisted (2,252 to be more exact) against 3 thousand from October. Out of the top 100k, more than 248 got blacklisted by Google.

Over time, only 636 sites that were blacklisted in previous months are still blacklisted and in the TOP 1 million ranking.

Those are the top 100 sites that got flagged and their respective ranking (You can get the full list here):

Out of the non-malicious blacklisted sites (the ones that got hacked and fixed), more than 14% were using WordPress and 13% were using osCommerce (largely attacked this month). A lot of “.co.cc” sites were well ranked (and blacklisted), but all of them were malicious in nature (phishing).

For our Canadian friends, rogersplus.ca (from Rogers, one of the biggest cable/TV/phone companies in Canada), got blacklisted as well.

We will post more details in future posts. If you have any question or comment about it, let us know.

Alexa top sites – Blacklist for October

Every month we analyze Alexa’s TOP 1 million site ranking and correlate that data with Google’s blacklist. Our goal is to get an overall view of the sites that are getting hacked, blacklisted, etc.

For OCT-2010, the number is pretty standard and similar to previous months. Out of those top 1 million sites, around 3.6 thousand got blacklisted last month (3,683 to be more exact). Out of the top 100k, more than 408 got blacklisted by Google.

Over time, only 711 sites that were blacklisted in previous months are still blacklisted and in their TOP 1 million ranking.

Those are the top 100 sites that got flagged and their respective ranking (You can get the full list here):

One interesting point is that more than 70% of the legitimate sites that got hacked were using outdated software (either Joomla, WordPress, OpenX, etc). If you are a site owner, this is a reminder to keep your site updated.

We will post more details in future posts. If you have any question or comment about it, let us know.

Alexa top sites – Blacklist status for september

Every month we analyze Alexa’s TOP 1 million site ranking and correlate that data with Google’s blacklist. Our goal is to get an overall view of the sites that are getting hacked, blacklisted, etc.

For SEP-2010, the number is pretty standard and similar to previous months. Out of those top 1 million sites, around 3 thousand got blacklisted last month. Out of the top 100k, more than 300 got blacklisted by Google.

Those are the top 50k sites that got flagged and their respective ranking (You can get the full list here):


Read More