Our research team recently completed a study that examined the popularity of certain plugins on infected WordPress sites. This particular study didn't yield a statistical difference between plugin distributions on infected WordPress sites and the general population of WordPress installs. However, our team noted that a previous study of theirs (not for StopBadware) with data from other compromised websites did show a difference. In this prior study, they also found a statistically different distribution of plugin version than their control set. They believe more data would likely yield similar results.
Credit: Marie Vasek, StopBadware's operations technologist, and our intern John Wadleigh (both SMU students). The dataset used in this study was comprised of 86,899 unique URLs, of which 3,254 contained at least one of the relevant plugins. A large part of this dataset comes from StopBadware's Data Sharing Program.
Add new comment