• Over 10 million Web users have utilized StopBadware’s informational resources to understand malware warnings and clean up infections. We’ve assisted artists, activists, software producers, bloggers, corporate officers, and small business owners alike in identifying bad code and learning how to strengthen their security.
  • We’ve reviewed over 171,000 websites in the past five years. Every year, our small testing team receives tens of thousands of independent review requests from people who depend on their websites for income, expression, and community organization.
  • Our data sharing program has racked up more than 17 million event reports in two short years. Researchers have used shared data to study the characteristics of hacked sites and servers, to develop reputation metrics for Web infrastructure providers, and to test theories on effective reporting. The DSP was intended to bring together security companies, independent security professionals, and academic researchers to contribute diverse data and build a broad coalition of analytic talent. Even in its early stages, the program consistently realizes this vision.
  • Our community forum helped several thousand website owners and Internet users clean up malware infections, spam hacks, and redirects—and spurred conversation on hardened site configurations, safe surfing habits, and the cybercrime economy.
  • People from all over the world report badware URLs they’ve encountered to our community feed. In the past several years, independent security researchers we trust have sent us thousands of malicious URLs, including a great many legitimate sites infected with botnet malware. Whenever possible, we’ve reached out to site owners to notify them about their unwitting involvement in pushing exploit kit malware or botnet activity.
  • Since 2010, several hundred Web companies, from hosts and registrars to free subdomain and dynamic DNS services, have reached out to StopBadware to learn about abuse on their networks and develop strategies to reduce it. We’ve sent these providers one-off reports, performed bulk reviews of blacklisted URLs on their networks, and worked with them and blacklist operators to identify policies that result in fewer infections and lower blacklist rates (e.g., removing ads from parked domains).
  • With the help of two thoughtful, deeply knowledgeable working groups, we developed best practices for hosting providers and malware reporters—both of which are still used as a basis for further research and company policymaking.
  • Since 2011, more than 100 web hosting providers have adopted our best practices for responding to malware reports; these providers made public commitments to security by participating in the We Stop Badware™ Web Host program.
  • We were the first organization to spearhead research on hacked sites from the perspective of site owners; we sought both quantitative and qualitative input on site compromise, blacklisting processes, and perceived causes and effects. As a result, we heard from hundreds of webmasters on malware warnings, website software, site cleanup, and the role of hosting providers.
  • We’ve worked with 25+ visionary security, technology, and Web companies—along with independent security practitioners, academic departments, and research institutions—to come up with new ways to track malware, combat infection, protect users, and improve the overall state of Internet security. Many of our partners and friends have supported us since the beginning. StopBadware was always a group project; thanks for your doing your part!