Google adds malware data to Transparency Report

Posted on June 26, 2013 - 15:34 by ccondon

For more than five years, StopBadware has been working with the Safe Browsing team at Google to help webmasters clean up hacked sites and make the Web safer. Through their detection systems, browser and search warnings, and notifications, Google’s Safe Browsing initiative helps protect millions of Internet users from potentially harmful websites every day. As a result, Google has quite a bit of data on harmful websites and their behavior. Data like Google's is essential to understanding the malware problem—and understanding the problem is, in turn, a prerequisite to solving it. Yesterday, Google announced that they’ve added a Safe Browsing section to the Google Transparency Report to shed more light on the sources of malware and phishing. 

Unsafe websites detected per week - Google

The new Safe Browsing section of the Transparency Report includes data like the weekly number of users who see browser and search warnings, the number of compromised legitimate websites vs. “attack” sites (those created expressly to distribute malware), and webmaster response/reinfection rates. It also includes information on malware distribution by AS that allows users to sort data by region, type of site detected, and time range.

A few notable points (several of which our partners over at Sucuri have already pointed out):

  • The ratio of compromised legitimate sites to intentionally malicious attack sites is pretty staggering. The vast majority of sites Google detects to be distributing malware are legitimate sites that have been infected without the permission, and often without the knowledge, of their owners.
  • The 2008 spike in website reinfection rate has been gradually declining. (Google makes note of the fact that a change in their process caused the initial spike.) Decreasing reinfection rates and increasing preventative website security is one of StopBadware’s long-term goals, so it’s encouraging to see this metric expressed as a downward trend over time.
  • Webmasters’ response time (once they’ve been notified a site is compromised) is still much longer than optimal. As both we and much of the security community are well aware, there are several factors that likely contribute to the lag in cleanup time. Many webmasters either don’t see or don’t know how to interpret malware notifications, for instance, and many more lack the relevant technical expertise to find and remove malicious code and eliminate infection vectors.

Resources like StopBadware’s community forum, our webmaster resources, and Google’s Help for hacked site owners informational series can help address these needs. At the same time, it’s clear that there’s more to be done. 

StopBadware hears on a regular basis how one of the security industry’s most persistent problems is establishing and sharing metrics that accurately express the state of malware on the Web. It’s why we’ve long published data like our Top 50 IP and AS lists, and why we’re piloting a data sharing program among our partner companies. Google’s Safe Browsing data offers another key glimpse of the ways malware distribution is evolving and ways the industry can shift to more effectively fight it. Props to the team at Google for their work on the new report section!

Microsoft joins Ads Integrity Alliance

Posted on April 24, 2013 - 10:36 by ccondon

The Ads Integrity Alliance announced a new member this morning: Microsoft will join ad industry leaders—including Google, Facebook, Twitter, and the IAB—in their public commitment to work together to protect users from bad ads. Microsoft particularly emphasized the relevance of the Alliance's mission to Bing Ads. 

When StopBadware launched the Ads Integrity Alliance last summer, we did so to emphasize the importance of online advertising platforms in improving and upholding trust in the Web. Over the past 10 months, the Alliance has grown to include industry leaders like The Media Trust and The Council of Better Business Bureaus. Adding Microsoft's voice to this group reinforces the importance of the Alliance's work, both to consumers and to businesses who rely on advertising to drive growth and innovation.

The Ads Integrity Alliance expects to publish an inaugural set of best practices in the next few months. We're proud of what the Alliance has accomplished thus far, and we and our partners look forward to the next phase of the Alliance's development. You can see the complete list of Alliance members and keep up with news and publications at

New Google series helps webmasters recover hacked sites

Posted on March 12, 2013 - 13:18 by ccondon

Today Google launched a new informational series called Help for hacked sites to help website owners whose sites have been compromised by spam or malware recover those sites. The new series includes over a dozen articles and more than an hour of video tutorials for webmasters of hacked sites; the videos help answer key questions, like how and why a site gets hacked, how to verify site ownership in Webmaster Tools, and how to use freely available tools to assess damage done to a hacked site.

Check out Google's overview video for hacked site owners:

StopBadware and Google have been working together for years to help site owners clean up and recover their hacked websites. Both we at StopBadware and our partners at Google understand how frustrating it can be to diagnose and recover a hacked site, and we want website owners to have all the help they can get to do it quickly and effectively. Many individuals and small businesses rely on their websites to stay in touch, drive traffic, and create profits that keep them going. A hack isn’t a small problem for most Web authors, so we’re thrilled that the Google team has put so much work into these new resources for webmasters.

Take a look at all Google’s new material at We’ll be adding Google’s great new stuff to our own resources for hacked site owners in the days to come!