Most of the badware that is in circulation today is distributed through websites. Some badware websites have been set up by malicious actors expressly for the purpose of infecting other websites and unsuspecting Internet users. These intentionally bad websites distribute badware for profit. However, many more badware websites are legitimate sites that have been hacked without the knowledge or permission of their owners. When this happens, a legitimate but compromised site can download dangerous code onto visitors’ computers when those users simply visit the hacked site. For more information about what qualifies as a badware website, check out our Website Guidelines.

In order to build a comprehensive list of URLs that host or otherwise distribute malware, StopBadware maintains a number of collaborative, data-based intiatives—namely, our Data Sharing Program, Clearinghouse, and Top 50 lists.

Although data is hosted by StopBadware, the list(s) of badware-distributing sites has been generated by our data providers. In particular, websites in our Clearinghouse have been examined by our data providers, such as Google, and found to contain badware or links to badware. StopBadware does not curate or maintain a blacklist.

Please note: When a URL is not listed as currently bad in our Clearinghouse, it  should not  be interpreted as meaning that the URL is clean – it simply means that none of our data providers are currently reporting that URL as bad.

If you are the administrator of a website currently listed as bad by StopBadware’s data providers, you can ask us to review the status of your site in the Badware Website Clearinghouse by requesting an independent review. For more details on this process, see our FAQ or our Review information.