In the November 2023 survey we received responses from 1,092,141,942 sites across 269,029,841 domains and 12,483,638 web-facing computers. This reflects a loss of 1.2 million sites, a gain of 1.1 million domains, and a gain of 112,102 web-facing computers.

OpenResty saw the largest gain of 2.4 million sites this month. This gave it a slight increase in market share from 8.14% to 8.37% (+0.23pp). Its market share has remained stable between 7.7% and 8.7% since February 2022.

Meanwhile, nginx suffered the largest loss of 4.5 million sites this month, meaning it now accounts for 22.83% of the market. This continues the decline observed in recent years, with its market share now down 13.71pp since July 2021.

Hosting providers

This month also saw the full effects of Squarespace’s acquisition of Google Domains, which closed on 7th September 2023 after the acquisition was first announced in June 2023. Over 25 million sites, primarily parked domains, moved from Google to Amazon this month – a 20% increase in the number of sites hosted by Amazon.

We also observed sites switching away from DediPath, which abruptly announced its closure on 31st August 2023. Following on from a smaller decline of 10% last month, there was a further exodus this month, with 85% of the remaining 5,403 sites leaving the hosting provider: 34% of these sites switched to Tencent, and 43% were shut down altogether. DediPath’s computer count decreased a further 61%, leaving the company with just 628 web-facing computers. DediPath continues to urge its customers to back up their data and migrate away as soon as possible.

Developer	October 2023	Percent	November 2023	Percent	Change
nginx	253,876,735	23.22%	249,368,944	22.83%	-0.39
Apache	249,833,078	22.85%	248,343,154	22.74%	-0.11
Cloudflare	116,314,628	10.64%	115,937,937	10.62%	-0.02
OpenResty	88,981,001	8.14%	91,405,835	8.37%	0.23

Developer	October 2023

…

With laser communication poised to further enhance satellite communication capabilities, the future holds immense promise for a universe connected by laser light.

As Black Friday (and Cyber Monday) approaches, the annual online sales phenomenon shows no sign of slowing down, and neither do cybercriminals looking to take advantage of the busiest shopping days of the year.

The kick-off to holiday shopping, much of which has become digital, represents a massive opportunity for cybercriminals seeking to exploit the surge in online activity. Shoppers are primed to expect hard-to-believe online bargains that they might be more suspicious of outside Black Friday/Cyber Monday. 

As of the end of October 2023, Netcraft’s research has identified a staggering 135% increase in fake retail sites blocked compared to October last year, on top of an increase of 63% over October the previous year, conveying that the annual increase more than doubled in the last 12 months over already alarming growth.

In this review, we’ll look at prominent fake retail sites identified by Netcraft and the techniques cybercriminals use to trick users and ultimately impact brand credibility and reputation. 

Fake shops exploiting Black Friday

Claiming to offer highly discounted goods, fake online shops either impersonate the websites of luxury brands and established retailers or operate across multiple brands. These properties are often a front to capture payment details (and other sensitive information). The details shoppers submit can be used directly or sold to other cybercriminals. Any goods that end up being delivered – many are not – are likely to be counterfeit.

With so many genuine sites offering significant discounts on actual products, it’s easy to see why cybercriminals exploit Black Friday and Cyber Monday themes. Here are a few examples of fake retail sites we’ve detected, starting with a site that targets US home improvement retailer Lowe’s.

Figure 1: Fake shop with ‘Black Friday’ promotion, targeting US retailer Lowe’s.

As expected, cybercriminals change their tactics to coincide …

The InterPlanetary File System (IPFS) is a content-addressed peer-to-peer file sharing network from Protocol Labs being exploited by cybercriminals to host phishing sites and other malicious content. Often associated with the web 3.0 movement, it allows its users to upload, share, and download files across a distributed worldwide network.

Gateways make IPFS accessible to the broader public, allowing pages powered by IPFS to be visited in traditional web browsers and shared with potential victims. Netcraft first detected cyber attacks using IPFS in 2016, and now detects and blocks hundreds of attacks using IPFS gateways every day.

This blog post describes what IPFS is and how it works, how and why it is used by cybercriminals, and what Netcraft is doing to block and disrupt attacks that leverage the IPFS network.

What is IPFS?

IPFS is a decentralized storage and delivery network technology. Unlike the traditional web, where most content is hosted on dedicated servers, IPFS is peer-to-peer, which means there is no single server providing each page. Instead, content is accessed via any peer (also known as a node) that has a copy of the content, with little distinction between servers and users.

The decentralized structure allows users to host or share content with increased availability and resilience. Filecoin, a cryptocurrency which builds upon IPFS to incentivize node operators to host content, is significantly cheaper than using cloud storage services like Amazon S3 at the time of writing. Eliminating the need for a single server also means content can be accessed from nodes hosted in a wide variety of locations in multiple jurisdictions—improving availability but making it more difficult to remove content.

How does IPFS manage content?

The traditional web is location-addressed: URLs, such as https://www.netcraft.com/, are used to access content from a specific location. IPFS is instead content-addressed. …