In June we released “a report”:http://www.stopbadware.org/home/badwebs with numbers from late May, showing the network blocks containing the largest numbers of badware sites reported by Google. Here are updated numbers from early July:
|_.# of badware sites |_.AS block name |
|26792|CHINANET-BACKBONE No.31,Jin-rong Street|
|13250|BIZLAND-SD – Endurance International Group, Inc.|
|8582|CHINA169-BACKBONE CNCGROUP China169 Backbone|
|5311|CHINANET-SH-AP China Telecom (Group)|
|5203|AOL-ATDN – AOL Transit Data Network|
|3845|CNCNET-CN China Netcom Corp.|
|2544|CRNET_BJ_IDC-CNNIC-AP China Tietong Telecommunication Corporation|
|2525|THEPLANET-AS – ThePlanet.com Internet Services, Inc.|
|1865|SOFTLAYER – SoftLayer Technologies Inc.|
|1348|CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation|
Note: A network block owner is not always the owner or operator of the infected servers on that block, and our publication of these data is intended to inform and educate, not to assign blame.
Overall, the numbers have decreased significantly as a result of Google more aggressively scanning previously-flagged sites and removing stale entries. A few other notable changes:
* Google is no longer on the top 10 list, probably as a result of more aggressive rescanning of their own sites after they have been cleaned.
* Also dropping from the top 10 are European web hosting company iEurop and Chinese network provider Beijing Dian-Xin-Tong Network Technologies Co., Ltd.
* New on the list is AOL, a StopBadware.org partner. Most or all of the infected sites are from their Hometown service, which offers free blogging and web hosting. (Like Google’s Blogspot, free accounts on Hometown are targeted by spammers and other bad actors as a means to create bogus websites containing or linking to badware.) AOL tells us that they are taking quick action against the sites and the user accounts involved.
* Also new on the list is Endurance International Group. (Endurance is now the parent company of iPowerWeb, which led our list over a year ago.) Endurance told us that as soon as they received notice from us about these infections, they identified thousands of malware redirects on their customers’ sites and took action, including removing the redirects, notifying the customers, and forcing the users to reset their passwords. They also took steps to look for and respond proactively to similar malware in the future.
