Malware Infection Spread through 5,000 Sites Every Day

Instead of improving, malware is getting even worse. It appears that despite the best efforts of many security companies and software developers to reduce malware infections, the problem is increasing. Every day an average of 5,000 additional sites host malware.

That number reached a peak level of 8,000 in April this year, according to an estimate by Ron O'Brien, a senior security analyst in the Sophos offices at Burlington, Massachusetts. Sophos is a network security organization of international stature. ECOMMERCE Times reported this on May 18, 2007. This is not far from when Google estimated that every1 in 10 sites was compromised or injected with malware.

Previously, malware developers delivered their infections to victims through e-mail attachments and even achieved success in doing that. But with the growth in user wisdom about the techniques of spam artists, those methods started to become ineffective, O'Brien explained. Only a year ago one in every 40 e-mails carried a virus, now that the number has reduced to one out of 300, he said.

O'Brien further explained that malware creators increased their success rates by putting URLs in their spam emails because they discovered that recipients had a greater tendency to click on a Web site link rather than click on an attachment.

So, the current trend is to send e-mails that have embedded links leading to Web sites that host malicious content instead of delivering e-mails infected with viruses and other malware, he added.

Researchers analyzed about 4.5 million URLs to find that nearly 450,000 or 10 percent were initiating drive-by downloads.

O'Brien points out that these sites are not which turn up suddenly from nowhere while performing a normal browsing. The creators of these sites continue to confront the difficulty of luring users to visit them unknowingly, such as via e-mail, hijacking another site, or selling ad banners loaded with malware.

However, one aspect of malware creation is certain. The malicious users aren't doing everything just for fun or to create problems as they used to do previously. Now money is the biggest reason behind this act of theirs. malware induced activities have assumed themselves as business and it appears to be highly lucrative.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 5/24/2007