Dec 22, 2010 16:15 GMT

Security researchers from Sophos claim that webmasters are generally unresponsive when contacted about their infected websites, or if they respond, they do so in a hostile way.

Legitimate infected websites have become one of the primary vectors for spamming and spreading malware online.

They are commonly used as doorway pages in black hat search engine optimization (BHSEO) campaigns or to launch drive-by download attacks.

The problem with such websites is that they can remain infected for long periods of time if their owners are not persuaded to clean them.

According to Fraser Howard, a principal virus researcher at Sophos, adding to the problem is the fact that spotting the signs of infection is not always straightforward. For example, some scripts hide the malicious code unless the user arrives at the site through a search engine.

"About 18 months ago I decided to investigate how receptive webmasters were to these sort of ill tidings. After several weeks in which I contacted numerous victims (via email), the conclusion was obvious - the vast majority did not trust me," says Mr. Howard.

"[...] The bulk of my emails were never acknowledged (and the sites remained compromised). Of the replies I did get, some were even bordering on hostile!" he adds.

The researcher notes that most webmasters seemed to care only whether their website was up and appeared normal, without any interest in what happens in the background.

In our discussions with various security experts from different companies, we suggested that an opt-in notification service for webmasters would be appreciated.

However, it seems that the only solution might be to force their hand. In this respect, the newly announced Google search, which slaps a "this site may be compromised" warning on the search results, might pay off.