The vast majority of sites that push malware on their visitors are legitimate online services that have been hacked, as opposed to sites hosted by attackers for the purpose of distributing malicious software, Google security researchers said Tuesday.
The data, included for the first time as part of the safe browsing section of Google's regular transparency report, further challenges the myth that malware attacks happen only on disreputable sites, such as those that peddle porn, illicit software ("warez"), and similar content. For instance, on June 9 only 3,891 of the sites Google blocked as part of its Safe Browsing program were dedicated malware sites, while the remaining 39,247 sites that were filtered offered legitimate services that had been compromised.
In all, Google blocks about 10,000 sites per day as part of the program, which is designed to help people using Firefox, Chrome, and other participating browsers steer clear of phishing scams and drive-by malware attacks. The program is also designed to inform webmasters of infections hitting their sites and to take steps to fix the problems. The Safe Browsing program helps protect about 1 billion people per day.