Heartbleed, Two Weeks Later: A Graphical Report

This report is written 16 days after the vulnerability’s initial disclosure. The Trustlook team has analyzed Alexa’s top 1 million websites and over 120,000 apps from Google Play. To show you Heartbleed’s aftermath after 2 weeks and onward.

According to the scan results of the Alexa top 1 million websites, 451,470 websites have enabled SSL connections, and of them, 19,566 or 4.4% of websites are still vulnerable.

Screen Shot 2014-04-23 at 9.24.37 PM copy
Vulnerable websites, by percentage

Screen Shot 2014-04-25 at 11.58.14 AM
Vulnerable Websites, by Category

For mobile platforms, Android 4.1.1, which occupies 7% of Android market share, is vulnerable due to the OpenSSL version it used. What makes things worse is that Android is a highly fragmented OS, some 3rd party ROMs react slowly on patches and updates. After scanning 120,000 apps from Google Play, 8.7% of the apps that enables SSL connection have been found vulnerable, which affects more than 150 million users.

Screen Shot 2014-04-23 at 9.25.48 PM copy
Vulnerable Android Version, by percentage

Screen Shot 2014-04-24 at 11.50.37 AM copy
Vulnerable Android Apps

One thought on “Heartbleed, Two Weeks Later: A Graphical Report

  1. Pingback: Trustlook Examines Android Apps Still Affected by Heartbleed | VPN Creative

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s