Survey Highlights Webmasters' Struggles with Hacked Sites

StopBadware and Commtouch recently published a joint report titled "Compromised Websites: An Owner's Perspective" that chronicles webmasters' experiences with hacked websites. The report presents statistics and opinions on how site owners navigate the process of learning their sites have been hacked and repairing the damage. The report's findings are based on a survey Commtouch and StopBadware designed and offered to website owners and webmasters over the course of several months.

Data from the poll reveals that malicious actors are often able to compromise legitimate websites without the site owners' knowledge: more than 90 percent of respondents didn't notice any strange activity, despite the fact that their sites were being abused to send spam, host phishing pages, or distribute malware. Nearly two-thirds of the webmasters surveyed didn't know how the compromise had happened.

Other highlights from analysis of the survey's responses include:

  • About half of site owners discovered the hack when they attempted to visit their own site and received a browser or search engine warning.
  • 26 percent of site owners had not yet figured out how to resolve the problem at the time they completed the survey.
  • 40 percent of survey respondents changed their opinion of their web hosting provider following a compromise.

"Cybercriminals can significantly improve their open and click-through rates by distributing badware via legitimate domains. Many site owners are either unaware of the compromise or struggle to remove the infection, which directly contributes to the persistence of, and increase in active badware URLs." said Amir Lev, Commtouch's chief technology officer. "Commtouch does its part to protect end-users, enterprises and service providers from compromised sites with a range of cloud-based email security, Web filtering and antivirus tools."

"The survey results highlighted several aspects of webmasters' experience with site compromise that may prove eye-opening for the security community," said StopBadware Executive Director Maxim Weinstein. "There's a lack of clarity for webmasters about who's responsible for site security and where to turn when a website is compromised. Webmasters and the wider Internet community therefore benefit from continual efforts aimed at educating them about their responsibilities and those of their hosting providers."

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Survey: Only 13 Percent of Research Institutions Are Prepared for AI

    A new survey commissioned by SHI International and Dell Technologies underscores the transformative potential of artificial intelligence (AI) while exposing significant gaps in preparedness at many research institutions. Read Now

  • Survey: 70 Percent of Organizations Have Established Dedicated SaaS Security Teams

    Seventy percent of organizations have prioritized investment in SaaS security, establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions. This was a key finding in the fourth Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities released today by the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Mobile Applications Are Empowering Security Personnel

    From real-time surveillance and access control management to remote monitoring and communications, a new generation of mobile applications is empowering security personnel to protect people and places. Mobile applications for physical security systems are emerging as indispensable tools to enhance safety. They also offer many features that are reshaping how modern security professionals approach their work. Read Now

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3