Hackers’ Website Corruption Was Dramatic in 1Q 2007

Leading IT security and control company Sophos has declared its research results relating to global cyber crime during the 1st quarter of 2007. According to the findings, the overall new items of malware have increased dramatically with prominent trend of selecting the Web by malicious software authors as their preferred choice for distribution.

In the 1st three months of 2007, Sophos detected 23,864 new attacks - twice more than the number during the same period in 2006 when the number of threats was 9,450. Besides this, the volume of infected e-mails has also declined from 1.3%, alternatively 1 in 77 e-mails in the 1st quarter of last year (2006) to only 0.4% or one in every 256 e-mails in 2007.

Over the same time period, Sophos identified an average 5,000 Web pages to be infected per day. As PC users get more familiar with the methods to combat malware trickling from e-mails, hackers are using the Web as a favorite attack medium.

The malware families on the top ten list that websites hosted during 1st quarter of 2007 were - Troj/Fujif -50.8%; Troj/Ifradv -12.1%; Troj/Decdec -10.4%; Mal/Packer -6.3%; JS/EncIFra -5.5%; Mal/FunDF -2.3%; Mal/Psyme -2.2%; Troj/Zlob -2.0%; Mal/Behav -1.2%; and Mal/DelpBanc -0.4%, and Others -6.8%.

Sophos' researchers determined that 70% of vulnerable websites were legitimate sites. They were vulnerable because they did not have proper patches, had poor code or lacked maintenance. They also identified 12.8% sites to host malicious script, while 10.7% of infected websites accounted to Windows malware. Of these Web pages, 4.8% contained adware and 1.1% had porn dialers.

That a number of websites are becoming victims just because owners fail in their maintenance and update them with patches is most worrisome, said Carole Theriault, a senior security consultant with Sophos in a written statement. DarkREADING reported this on April 24, 2007. A normal Internet user expects sites such the Miami Dolphins to be safe for browsing, but by aiming a wide series of Web pages, scammers have achieved their goal of infecting numerous unsuspecting surfers. Any inappropriately maintained website is vulnerable to hackers' control.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 5/1/2007