Late last year, we talked with security firm Commtouch about gaps in the collective security community's knowledge of badware websites. Specifically, we wondered about legitimate websites that are compromised and abused by malicious actors. For instance: Are certain kinds of website software targeted more than others? How are legitimate sites compromised (e.g., outdated software, infected PC, etc.), and how do site owners find out about the compromise? How do those owners regain control of their sites, and what role do their web hosting providers play?
Our conversation with Commtouch resulted in our designing a joint survey aimed at site owners; from November 2011 to the end of January 2012, we offered the survey, through a variety of outlets, to webmasters whose sites had been compromised. At the end of the survey period, we had collected responses from more than 600 webmasters who provided us with stories about their experiences.
Today, StopBadware and Commtouch published a new report based on this survey data: Compromised Websites: An Owner's Perspective highlights webmasters' struggles with hacked sites and presents statistics and opinions from site owners. A few highlights from the survey:
- About half of the site owners surveyed discovered the hack when they attempted to visit their own site(s) and saw a browser or search engine warning.
- 26% of the respondents had not figured out how to resolve the problem at the time they completed the survey.
- 40% of site owners changed their opinion of their web hosting provider following a compromise.