Malware Compromised Sites to be Removed?

There is a debate brewing concerning whether or not domain name registration companies whose web-sites have been compromised by malware should be removed from the Internet. Cybercrooks are using ever-more sophisticated methods to inject malicious code onto websites or redirect traffic onto their botnets and some are calling for removal of malware-infected sites or the lowering of search rankings for compromised websites. Aside from cyber-crooks who steal websites with the use of rogue domain name registrars, there are also those who are disseminating malicious code through the use of domain names bought in developing countries who sell cheap and largely unregulated domains.

McAfee has done a study of 27 million websites and has discovered that several developing countries are being exploited in terms of malware hosting domains. Vietnam is the riskiest domain and MacAfee reports that up to 29% of all domains using the .VN suffix are considered risky, up from only 1% reported as risky last year. This shows the fast-moving nature of the scammer’s and their tactics and how they can move quickly from one arena of exploitation to another. Cameroon, Armenia and the Cocos Islands are among some of the other most risky country domain names. Cameroon is thought to be popular among scammers because a simple typo when typing .com could lead a user to a malware infected .CM site.

Google searching is not immune to malware-infected results, in fact, up to 1.5% of Google search results can lead to infected sites, according to Kaspersky Lab, and crooks have found ways to inject malware directly onto existing websites making it difficult to detect which sites are actually attack websites and which are infected popular sites.

These problems have some calling for the dropping or the lowering in search rankings of websites that are hosting malicious software, knowingly or not. Some feel that it would be a justified action that would force companies to fully secure their sites against malware infestation and could help in eliminating dedicated attack sites. It remains to be seen whether or not Google begins to take action against sites that are infected, and it is still unclear how to counter the problem with bogus domain name registration in developing countries. Domain hosting issues concerning malware are likely to continue for the foreseeable future unless appropriate measures are taken.