Heartbleed Vulnerability Affects 5% of Select Top Level Domains from Top 1M

In trying to gauge the impact of the Heartbleed vulnerability, we proceeded to scanning the Top Level Domain (TLD) names of certain countries extracted from the top 1,000,000 domains by Alexa. We then proceeded to separate the sites which use SSL and further categorized those under “vulnerable” or “safe.” The data we were able to gather revealed some interesting findings.

As of the moment, we see an overall percentage of around 5% in terms of sites affected by CVE-2014-0160. The TLDs with the largest percentage of vulnerable sites are .KR and .JP. It’s interesting to note that sites from the .GOV TLD rank fifth on the list.

Figure 1. A breakdown of vulnerable sites per country
(Click image above to enlarge)

On the other hand, we have significantly low number of vulnerable sites under FR and IN TLDs. We just think of a few theories why this is so. Maybe they haven’t updated to the version of OpenSSL which was vulnerable. They could also have immediately patched vulnerable sites. Another possible reason is that these countries don’t use much machines with the most recent versions of Linux.

We are going to rescan the sites again in a few day to monitor these changes. In the meantime, we advise website administrators to update OpenSSL to protect their users.

Update as of April 10, 2014, 10:18 A.M. PDT: The title has been edited for clarity.

Post from: Trendlabs Security Intelligence Blog – by Trend Micro

Heartbleed Vulnerability Affects 5% of Select Top Level Domains from Top 1M