One in three of top websites vulnerable or hacked, says report

A report from a security company, has bought some striking revelations about the security of the websites that we browse daily. The report says that one in three of the top million websites was either vulnerable to be compromised or already hacked. Releasing the security report, Menlo Security revealed that the popular website was hacked in February 2015. The length of the hacking period remains unknown and it could have been days, weeks or months before Forbes actually removed the malicious code from the website.

The hacking of a top side like reveals the dark side of the online world where the security of millions of users and visitors is at the mercy of these attackers.

Menlo research report may shock you

Menlo Security scanned top one million sites at to arrive at this report. The check was to discover which sites were vulnerable and/or compromised. The Menlo research team scanned over 1.75 million URLs representing over 750,000 unique domains.


The facts revealed by the research report are not only shocking, but hard to believe at once, it mentions,

  • One in three of the top one million Alexa domains are “risky” – meaning that they’re either already compromised or running vulnerable software and therefore at risk of compromise by groups or individuals planning the next attack.
  • More than one in twenty sites, or six percent, were identified by 3rd-party domain classification services as serving malware, spam or are part of a botnet.
  • Over one-fifth (21%) of sites were running software with known vulnerabilities.
  • Of the 2.5 percent of sites that were “uncategorized,” a significant proportion (16%) were running vulnerable services.

Breaking the notion of the normal belief, the report mentions that it is wrong to think that websites based on subjects related to Hate and Intolerance, Violence or Child Abuse are only vulnerable. Trusted sites belonging to categories such as Transportation (20%), Health and Medicine (20%), Computers and Technology (18%) and Business (18%) are also subjected to compromise.

On the contrary, one of the major findings that surprises the most is the fact that the categories that are typically allowed by Web filtering policies, like Computers & Technology, Shopping and Personal sites represent the three top contributors to vulnerable sites by number. A truly shocking figure!

Sounding caution, Menlo said that the next major attack could have already been planned while we are busy finding the present ones. So until the security researchers find the next best solution, we advise our users to be aware and secure.

Stay safe online .. follow these Internet Security tips.

Posted by with Tags
Anand Khanse is the Admin of, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.

One Comment

  1. Arun Kumar

    Wonder what they get from hacking non commercial websites! Maybe dumping malicious code to computers. With all the precautions I take – firewall router, comodo router, avast antivirus and weekly runs of malwarebytes and norton online scan, I still face problems when browsers start running scripts from third party, ugly sites. I am now using NoScript to check a script first before allowing it to run. Some regular websites are exception otherwise all others are under scrutiny.

Leave a Reply

Your email address will not be published. Required fields are marked *

6 + 9 =