Jump to content
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Sign in to follow this  
Giannis

Sucuri Yearly Hacked Web Site Report 2017

Recommended Posts

Sucuri's yearly Hacked Web Site Report is out for 2017 Hacked Website Report 2017 Statistics | Sucuri

Παράθεση

The Hacked Website report is a report produced by Sucuri. It summarizes the latest trends by bad actors, identifying the latest tactics, techniques, and procedures (TTPs) seen by the Remediation Group (RG). This report will build on the data from the previous quarters, including updated data for 2017.

The one constant you’ll find in this report is the issues pertaining to poorly trained website administrators (i.e., webmasters) and their effect on websites.

This report will provide trends based on the CMS applications most affected by website compromises, the type of malware families being employed, and updates on the state of website blacklisting. It does not consider data related to WordPress plugin configurations.

This report is based on a representative sample of the total number of websites the Sucuri RG performed incident response services. A total of 34,371 infected websites were analyzed in this report. This sample provided a representation of the infected websites worked on by the remediation group in the Calendar Year 2017.

Download Report

Παράθεση

The 2017 telemetry indicates a shift in CMS infections:

  • WordPress infections rose from 74% in 2016 Q3 to 83% in 2017.
  • Joomla infection rates have dropped from 17% in 2016 Q3 to 13.1% in 2017.
  • Magento infection rates rose marginally from 6% in Q3 2016 to 6.5% in 2017.
  • Drupal infections dropped slightly from 2% in Q3 2016 to 1.6% in 2017.

Magento sites can be most out of date

Παράθεση

Over the course of the previous year, 71% of all compromises had a PHP-based backdoor hidden within the site. These backdoors allow an attacker to retain access to the environment long after they have successfully infected the website and performed their nefarious acts. This gives attackers the opportunity to bypass any existing access controls into the web server environment. The effectiveness of these backdoors comes from their elusiveness to most website scanning technologies.

Backdoors often function as the point of entry into the environment, post-successful compromise (i.e., the ability to continue to compromise). Backdoors themselves are not often the intent of the attacker. The intent is in the attack itself, found in the form of conditional SEO spam, malicious redirects, or drive-by-download infections.

We also saw a marginal decline in malware distribution – from 50% in Q3 2016 to 47% in 2017. Mailer script infections held steady at 19% from the previous report.

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×