• by Laurie Sullivan , Staff Writer @lauriesullivan, October 8, 2018

There are good bots such as search engines, and bad bots such as malware attacks. But the rate at which search engines blacklist infected websites continues to decline. Many who search the internet for information put their trust in Google, Bing and others to blacklist unsafe sites.

A study titled SiteLock Website Security Insider: Q2 2018 found that the number of infected websites remains steady, but search engines fail to flag about 83%, meaning that consumers are one click away from vulnerabilities.

In the second quarter of 2018, SiteLock estimates that just 17% of infected websites were blacklisted by search engines —  down 6% from the previous year. 

Overlooking a spam attack kit can wreak havoc on the search engine results of those sites, causing the site to lose customer trust and revenue — all without the site owner ever being alerted.

For the study, SiteLock analyzed more than 6 million websites protected by malware scanners. The study revealed that cybercriminals are continuing to carry out new and traditional malware attacks.

Cryptojacking doubled in the second quarter of 2018 compared with the first quarter, and there was a 16% increase in the prevalence of malicious Javascript files. This new trend is not surprising, because many cryptojacking scripts use Javascript kits to deploy and collect the mined cryptocurrency.

And counter to the increase in silent symptomless attacks, decreases in the number of traditionally noisier attacks containing a large number of files were detected. For example, SEO spam, which traditionally contains many files, has shown significant declines. The amount of SEO spam cleaned this quarter dropped 58% from the year before, down 4% compared with the prior quarter.

Some 60% of website traffic comes from internet bots, not humans. And while there are good bots in the mix such as search engine crawlers for indexing websites, far more bot traffic is malicious.

Of the 75,000 websites analyzed, the study found that websites are targeted by an average of 58 attacks per day, up 16% compared with the first quarter of the year.

Malicious bots represent 87% of all traffic filtered by SiteLock’s technology. About 9% of sampled sites had a least one vulnerability. Globally, up to 171.3 million websites have a vulnerability.

Vulnerabilities are often found in open-source applications, such as the three largest CMS applications -- Joomla, WordPress, and Drupal -- and their associated plugins and themes.

During the second quarter of 2018, SiteLock reviewed 4 million open-source content management system (CMS) websites that use vulnerability patching services. Across Joomla, WordPress, and Drupal, 61 individual vulnerabilities were discovered -- up 48% from the prior quarter, requiring 1,099 individual patches to address them.

The report describes several ways that companies can protect CMS platforms from potential attackers. Use a strong passphrase that includes mixed case letters, numbers, and special characters, and it is important to only enter that password over secured networks. Change the URL associated with the dashboard from the default using custom plugins. Doing so makes it more difficult for attackers to gain access to the administration of a site and cause damage.

Based on the data, SiteLock predicts a continued rise in symptomless attacks, such as cryptojacking. The number of attacks daily will fluctuate, but they will continue.