Hijacked High-Ranked Sites Serve Malicious, Illegal Content, Blacklisted By Google
Researchers have found that Google Safe Browsing has blacklisted a number of legitimate sites after they’ve been hijacked and set up to serve malicious or illegal content. Many of them are ranked high, according to Alexa.
Zscaler experts have scanned the first 1 million websites found in the Alexa top and found that 621 of them are blacklisted by Google, even though some of them are legitimate websites visited by numerous users every day.
Rank Domain Threat Comment 6,239 subtitleseeker.com Malicious JavaScript Hijacked 18,784 financereports.co Scam Work from home scam 35,610 tryteens.com PDF malware Porn 41,560 iranact.co Malicious JavaScript Hijacked 47,016 creativebookmark.com Fake AV Hijacked 52,409 ffupdate.org Adware download 52,431 vegweb.com Malicious JavaScript Hijacked 53,902 delgets.com Malicious JavaScript Hijacked 78,202 totalpad.com Fake AV Hijacked 81,403 kvfan.net Malicious JavaScript Hijacked 82,344 hgk.biz Malicious JavaScript Hijacked 83,858 youngthroats.com Malicious IFRAME Porn 125,305 metro-ads.co.in Malicious JavaScript Hijacked 133,455 salescript.info Malicious JavaScript Hijacked
For instance, subtitleseeker.com, a website that offers subtitles for movies and TV shows, is ranked 6,239. By nature, the site is not malicious in any way, but that doesn’t prevent Google from cataloging it as being so once it detects abnormal activity on it.
According to Zscaler, Subtitle Seeker has been compromised and altered to host a malicious JavaScript.
Other examples include sites that promote “work from home” scams, adult content, and fake antivirus software, but the majority of them have been simply altered to push malicious PDF files, adware, and other types of malware.
Some of them were blacklisted because they were found to contain iframes and JavaScripts that weren’t exactly added to serve a noble purpose.
Government sites are always tempting to cybercriminals. Recently, the same researchers have found a French government website and one from China, both containing pieces of JavaScript added by the attackers.
Statistically speaking, most of the blacklisted domains are hosted in the United States, followed by Germany, France, the Netherlands and China.
Experts advise administrators to regularly verify their websites’ integrity, otherwise all their hard work could go down the drain in an instance once Google identifies it as being malicious.
Credit: Softpedia.com News, research.zscaler.com
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.