Websites With Malicious Code Increases Every Month in 2007
There has been an explosion in malware-hosting websites over the recent months. Such sites increased from 5,000 new ones per day in April to 30,000 per day in June 2007.
In May this year, Sophos detected on average 9,500 new corrupt web pages every day that was 1,000 more daily compared to the previous month (April '07). In total the security firm identified 304,000 malicious web pages in May 2007. Sophos researchers have also been locating 29,700 new infected web pages daily in June, and 80% of these belonged to legitimate sites commandeered by criminals.
Sophos statistics indicate that there is a continuous threat from infected web pages that affect government websites and also other reputed sites.
Carole Theriault, a senior security consultant for Sophos cited two reasons for this marked increase. DarkReading.com published this in news on July 2, 2007.
According to the first reason, hackers are shifting their preference from e-mail as the medium to spread malware to websites where they would inject malicious code. Although sometimes they create malicious sites, which they operate themselves but more often they take over existing legitimate sites and plant malicious code into them.
The other reason relates to iFrame, which becomes active by injecting malware into legitimate sites. In May 2007, Sophos found that iFrames constituted two-thirds of total web-based threats. This iFrame malware caused major infection in June websites as well. IFrame headed Sophos' list of Top 10 malware Threats in June accounting for 75% of all infected web pages globally.
The well-known attack on numerous Italian websites was by injecting iFrame. Sophos had reported that hackers infected over 10,000 web pages in this attack where most of them were on hijacked legitimate Italian sites.
This iFrame attack on multiple sites hosted in Italy should certainly alert ISPs worldwide, said Theriault. Dumping of malicious code on these sites is bound to infect innocent surfers, he said. The security of websites should be like that of Fort Knox. Unfortunately, cyber criminals at the moment are picking on a large number of web pages quite easily, Theriault said.
Related article: Websites – The Latest Weapon in The Hands of Phishers
» SPAMfighter News - 20-07-2007