Security Expert Daniel Cid has produced a report claiming that hackers have been able to elude safe browsing checks designed to alert a websites user when a hacker has been found to have compromised the website they are visiting.
In a test group of more than 21 000 websites that has been reported as being compromised nearly 16 000 of this website were found to be powered by Wordpress. This is unsurprising as Wordpress is the world's most popular content management system (CMS) platform. In the same test group just over 3000 more website that had been hacked were powered by the Joomla another major CMS .
The one thing most of these sites were found to have in common was they had been backdoored, a strategy used by hackers aiming to add a payload of malicious software and do so by adding a script file to the website that allows them access in the future. This would target future visitors to the website potentially infecting them also it would add a sneaky way to access the website if the malicious software is ever discovered.
These backdoors can be difficult for safe browsing checks to detect, in further tests Google was found to be a top performer for blacklisting infected websites. The following popular safe browsing checkers were compared:
Google safe browsing 52%
Norton Safeweb 38%
McAfee SiteAdvisor 11%
Cid offered further insight into these compromised sites, saying: “ A hacked site can have multiple files modified with different families of malware in them. It depends on the attacker's intent or goal in how they plan to leverage their new asset. This report confirms what is already known; vulnerable software continues to be a problem and is the leading cause of today's website hacks.”