Home Services Contact Info

Malware Stats for Irish Web Hosting Companies

Posted in: Security by Richard Hearne on August 25, 2009
Internet Marketing Ireland

I’ve been paying a lot more attention to the problem of malware. It seems that this issue may be set to be the largest threat to online business, and given the sheer volume of new attacks I thought it would be interesting to take a look at what Google’s Safe Browsing system was reporting for Irish Hosting companies.

Safe Browsing

Google has been directly protecting users from malware since 2006. Their Safe Browsing API is probably best known to Firefox users, and is used by numerous other applications to protect users from malicious websites.

Not Just Sites – Networks Too

Many people don’t realise that Google’s malware detection infrastructure measures infection at network as well as website level. So you can check out how much malware each host’s webservers have been found to host over the past 90 days. Here’s some data for a number of well-known Irish web hosting companies:

Hostname# Tested# Infected%IntermediaryDistributionLink
Blacknight46613457.4%62link
Digiweb469167814.5%75link
Eircom72850.7%00link
Netsource68940.6%00link
Register36556953215.6%53link

Key:
# Tested Number of tested sites
# Infected Number of sites serving malicious software
% % sites serving malicious software
Intermediary Number of sites on network acting as intermediaries for further malware distribution
Distribution Number of sites on network actually distributing malware
Link Link to Safe Browsing Diagnostic page

Some Notes

It’s worth noting that most hacked websites do not host malware, but instead inject code that results in visitors downloading malware from other servers. A significant proportion of the increased malware seen in recent months is likely a result of the gumblar hack.

I had better mention that all I’ve done above is show the stats reported by Google – these figures may be inaccurate, and I’m not inferring anything about the security of the above mentioned hosts. I was unable to find stats for a number of other well known Irish hosters.

Has your site been hacked?

If you’re concerned you can use this URL:
http://google.com/safebrowsing/diagnostic?site=mysite.com
[change mysite.com to your domain without www].

You should subscribe to the RSS Feed here for updates.
Or subscribe to Email Updates now:

10 Comments »

  1. Just to clarify, hosting365 do not provide shared hosting – can you amend the list above to read Register365.com

    Many thanks,
    Excellent work,
    Stephen

    Comment by Stephen McCarron — August 25, 2009 @ 11:56 am

  2. Interesting statistics! I would have to agree that malware is one of the biggest problems businesses face online. The threat it presents is one thing, but being named and shamed as one that has been detected associating with malware can be damaging to a brand.

    Comment by Donagh Mc Sweeney — August 25, 2009 @ 12:05 pm

  3. Richard, you’ve the same link for Blacknight and Digiweb there.

    Comment by Allan Cavanagh — August 25, 2009 @ 12:41 pm

  4. Richard

    You’re a bit late with this, as we’ve been tracking it for some time.

    The issue which is responsible for most of these infections is Gumblar, which we’ve been trying to raise awareness with clients about.

    The reason why you can’t find data on some of the other Irish hosting providers is because they’re basically resellers of someone else and don’t have their own networks

    The stats aren’t realtime – they seem to update about every 48 – 72 hours roughly …

    Regards

    Michele

    Comment by Michele — August 25, 2009 @ 2:50 pm

  5. @Stephen – done, sorry about that.
    @Donagh – good point, and the malware we’re seeing now is far more nasty than ever before.
    @Allan – good spot. Updated now so you can get through to the correct underlying data.

    Thanks all for commenting (even if WP seems to have lost count)
    Rgds
    Richard

    Comment by Richard Hearne — August 25, 2009 @ 3:21 pm

  6. Sorry about that Michele – the irony wont be lost here, but you got Akismet’ed :(

    I saw the posts you guys have put up, but I’m curious if there aren’t other more automated techniques you can run to scan accounts? Could you pull in Safe Browsing API and alert webmasters in their CP if any domain has been flagged for malware?

    Rgds
    Richard

    Comment by Richard Hearne — August 25, 2009 @ 3:27 pm

  7. Is there any guide on preventing such infections?

    Comment by Chris — August 26, 2009 @ 12:23 am

  8. Hi Chris

    I think you’ll find some interesting docs over on Google’s site: http://www.google.com/support/webmasters/bin/answer.py?hl=en&answer=45432

    And Google are going to be running a feature
    Ask the Google Anti-Malware team     which should result in some good videos hopefully.

    You should also check if your hosting provider offers any tips on keeping safe.

    Hope this helps
    Richard

    Comment by Richard Hearne — August 26, 2009 @ 8:30 pm

  9. [...] Some research from Red Cardinal about Malware Stats for Irish Web Hosting Companies. [...]

    Pingback by murmurs 04/09/2009 | Murmurs — September 4, 2009 @ 8:55 am

  10. I have to say I’ve missed that google tool. Looks handy, my site got infected with some javascript malware last week.

    Comment by Sanovnik — December 15, 2009 @ 8:46 pm

Comments Feed TrackBack

Leave a comment