In Excess of 560,000 Sites Suffered Malware Attacks in Q4 2009
A latest report by Internet security firm Dasient reveals that the number of malware-infected Web pages nearly doubled in the final quarter of 2009 as compared to the corresponding period in 2008. Over 560,000 sites and their around 5.5 Million Web pages were targeted with malware in Q4 2009.
In the same quarter, websites of technology blog Gizmodo, Fox Sports, and the Gerald R. Ford International Airport in Grand Rapids, Mich., were compromised to deliver malicious payload to unsuspecting visitors.
On closely monitoring the data, it emerges that file types related with static pages, like .html, .htm and .shtml, estimated for 39.6% of the hacked URLs in Q4 2009. This indicates that hackers are still primarily on misusing structural flaws in the Web to hack authentic websites- flaws like sourced-in third-party applications or content; user-added content including links, photos, comments and other files; as well as syndicated ad networks, etc.
Though, the firm claimed that the figures in Q4 2009 are in fact marginally down as compared to Q3 2009, when it discovered in excess of 640,000 attacked sites and 5.8 Million compromised Web pages.
The decline might be having some relation with the more sophisticated and smarter attacks: infections of freshly hacked sites with an average of 10 or more pages struck around 24% pages on those websites, up 19% from Q3 2009. As per the report from Dasient, the infections chiefly propagate to more number of pages on each of the sites in Q4 2009.
Another sign that the hackers are triggering stealthier and more efficient attacks lies in the number of programs used in these assaults. One of the co-founders of Dasient, Neil Daswani, states that they have discovered proof of hackers getting more urbane and furtive with regard to Web-based malicious attacks, as per the news published by Dark Reading on January 26, 2010.
Daswani claimed that the average number of programs loaded onto a victim' system from infected compromised site was 2.8. This implies hackers have updated their attacks, making them increasingly competent to such an extent (according to Dasient data) that just 2-3 programs are enough to make the assault more targeted and less noticeable.
Related article: IM Has Various Problems
» SPAMfighter News - 02-02-2010