Sucuri has posted their latest quarterly report on Hacked Websites giving more details about the victims in the second quarter of 2016.
The Hacked Website Report for 2016/Q2 Gives Further Details About the Victims
The data is based on the collected information by the vendor’s Remediation Group, consisting of the Incident Response Team (IRT) and the Malware Research Team (MRT). The total number of sites number over 90000 infected pages and statistics associated with the affected open-source CMS (content management systems) applications, details on the platforms, blacklists and detected malware families. The quarterly report was introduced in Q1 2016, and it is the first of its kinds based on the metadata collected by the vendor’s group.
The results from the report shows that the majority of hacked sites are WordPress based, they account for 74% of the total surveyed pages. The other major platform with a lot of infection is Joomla, one of the most popular solutions that are used to built both small and large web projects.
One of the most important issues that impact the security of the web sites is infrequent updating. The Sucuri staff has divided the report to address two different type of infections:
- Updated CMS Installations
- Outdated CMS Installations
When it comes to WordPress, the researchers identified the top three plugins and scripts that account for 22& of all WordPress infections – TimThumb, Revslider and Gravity Forms.
The three most popular malware families distributed in the quarter are Backdoors (68%), Malware (60%) and SPAM SEO instances (32%).
The report concludes with the following conclusions:
- WordPress continues to lead the infected websites we worked on (at 74%), and the top three plugins
affecting that platform continue to be Gravity Forms, TimThumb, and RevSlider. - WordPress saw a decrease in the ratio of out-of-date core software and infected websites (by 1%), while Drupal had a 3% increase to 84%. Joomla! And Magento website deployments continue to lead the charge with out of date instances.
- New data points show that on average, WordPress installations have 12 plugins, and the report provides a list of the most popular plugins within the Sucuri-compromised sites.
- New data points were introduced showing the percentage of infected websites blacklisted. Only 18% were blacklisted by any blacklist, and Google made up 52% of that grouping (making up 10% of the total infected sites).
- Analyzing the malware families showed that SEO spam continues to be on the rise, increasing to 38% this quarter (a 6% increase) and backdoors rose to 71%.
For more detailed information you can check Sucuri’s full report.