I now count approximately 1.5million infected sites based on the updated list of domains at ShadowServer. SA infected pages are now up to 1 340, although this varies wildly based on the Google DC queried. Some large SA sites are still being re-infected.
There's also a new consequence. Instead of just silently infecting your users with malware, which is hard to spot. Google is now blocking access to some of the sites, along with Firefox if you have the safe browsing lists enabled. If reputation doesn't drive action, falling ad revenues should.
Out of interest, Shadow Server lists the following domain and approximate number of infected pages as of the 14th of May 2008:
- www.nihaorr1.com - 468,000
- free.hostpinoy.info - 444,000
- xprmn4u.info - 369,000
- www.nmidahena.com - 140,000
- winzipices.cn - 75,000
- sb.5252.ws - 69,000
- www.aspder.com - 62,000
- www.11910.net - 47,000
- bbs.jueduizuan.com - 44,000
- www.bluell.cn - 44,000
- www.2117966.net - 39,000
- s.see9.us - 39,000
- xvgaoke.cn - 33,000
- www.414151.com - 17,000
- yl18.net - 15,000
- www.kisswow.com.cn - 13,000
- c.uc8010.com - 9500
- www.ririwow.cn - 6000
- www.killwow1.cn - 4000
- www.qiqigm.com - 3600
- www.wowgm1.cn - 3500
- www.wowyeye.cn - 2800
- 9i5t.cn - 2500
- computershello.cn - 2300
- www.z008.net - 1600
- b15.3322.org - 1200
- www.direct84.com - 1100
- www.caocaowow.cn - 900
- firestnamestea.cn - 700
- %61%31%38%38%2E%77%73 (a188.ws) - 500
- www.qiqi111.cn - 230
- www.banner82.com - 90
- smeisp.cn - 85
- okey123.cn - 55
- www.nihao112.com - 45
- free.edivid.info - 40
- h28.8800.org - 34
- ucmal.com - 30
- t.uc8010.com - 30
- www.dota11.cn - 25
- bc0.cn - 20
- www.adword71.com - 17
- w11.6600.org - 13
- usuc.us - 13
- newasp.com.cn - 7
- www.wowgm2.cn - 8
- 17ge.cn - 4
- www.adword72.com - 2
- www.117275.cn - 1
- vb008.cn - ?
- www.wow112.cn - ?
- www.nihaoel3.com - ?
Trackbacks
Trackback specific URI for this entry
No Trackbacks