High-Ranked Sites Blacklisted by Google After Being Hijacked

The banned websites are not malicious by nature, but cybercriminals make them so

By on May 16th, 2012 11:24 GMT

Researchers have found that Google Safe Browsing has blacklisted a number of legitimate sites after they've been hijacked and set up to serve malicious or illegal content. Many of them are ranked high, according to Alexa.

Zscalerexperts have scanned the first 1 million websites found in the Alexa top and found that 621 of them are blacklisted by Google, even though some of them are legitimate websites visited by numerous users every day.

So, how can a legitimate website get on the Google Safe Browsing list?

For instance, subtitleseeker.com, a website that offers subtitles for movies and TV shows, is ranked 6,239. By nature, the site is not malicious in any way, but that doesn’t prevent Google from cataloging it as being so once it detects abnormal activity on it.

According to Zscaler, Subtitle Seeker has been compromised and altered to host a malicious JavaScript.

Other examples include sites that promote “work from home” scams, adult content, and fake antivirus software, but the majority of them have been simply altered to push malicious PDF files, adware, and other types of malware.

Some of them were blacklisted because they were found to contain iframes and JavaScripts that weren’t exactly added to serve a noble purpose.

Government sites are always tempting to cybercriminals. Recently, the same researchers have found a French government website and one from China, both containing pieces of JavaScript added by the attackers.

Statistically speaking, most of the blacklisted domains are hosted in the United States, followed by Germany, France, the Netherlands and China.

Experts advise administrators to regularly verify their websites’ integrity, otherwise all their hard work could go down the drain in an instance once Google identifies it as being malicious.

1 Comment