Malicious Websites Rose 225% in H2 2009

Websense's State of Internet H2 2009 report states that the harmful sites increased by 225% in the second half of 2009 against the same period a year ago (2008).

Dan Hubbard, Websense Chief Technology, claimed that hackers had redirected their efforts to ensure that the users fall prey to their schemes, as per the reports by SiliconIndia on February 4, 2010.

Hubbard also said that by infecting search results and focusing on Web 2.0 sites, hackers' efforts proved successful. The merging of today's dangers threats with hacked authentic websites takes the advantage of a sense of trust while using search engines and communicating with friends or acquaintances online.

The report reveals that web 2.0 sites (which allow user-generated content) are the prime target of hackers and cyber crooks. Websense recognized that almost 95% of user-generated comments to chat-rooms, message boards and blogs were harmful or spam.

In addition, Websense Security Labs disclosed that 13.7% of queries looking for news\buzz words (defined by Google & Yahoo Buzz Trends) resulted in malware. Search engine optimization poisoning attacks hit the top searches allowing attackers to drive traffic to their websites.

In H2 2009, malware creators continue to take advantage of website reputations and exploit user faith. The report also discloses that 71% of websites with harmful code were authentic websites but they had been hacked.

The report further indicates that web security intelligence is a critical part of any mail and data security strategy as shown by the constant popularity of combined risks (spam mails with embedded URLs).

As per Websense, several thousands of Yahoo, Hotmail and Gmail mail accounts had been compromised and password stolen and posted online. This led to a rise in the amount of spam e-mails. Websense Security Labs stated that 85.5% of all e-mails were spam. It also reveals that in H2 2009, 81% of mails carried a harmful link.

The security experts added that conventional antivirus or reputation-based guards were not efficient in providing security against these kinds of risks. Hence, these attacks have become very famous among attackers.

Related article: Malicious Scripts with Zero-byte Padding can Pass Undetected

» SPAMfighter News - 2/13/2010