Six-fold Increase in Infected Websites
A massive number of web pages on regular sites have been infected, reports security vendor Sophos. Website operators are therefore being asked to lock down their servers.
In 2007, the number of web pages hosting malware increased six-fold in less than a year. At the beginning of 2007, Sophos was tracking approximately 4950 infected Web sites per day. That figure had increased to over 29,600 by the end of June 2007.
The increasing trend of hacking legitimate websites to send out malware rather than crafting special websites is indeed worrying. People may visit many sites thinking they are free from danger, but it is possible that the sites would infect individual PCs or company networks, said Graham Cluley, senior technology consultant for Sophos. ZDNet reported this on July 25, 2007.
According to the biannual Security Threat Report by Sophos, a vast majority (80%) of those hijacked web pages are actually from legitimate sites holding malicious code that would exploit the web servers' vulnerabilities. A visit to even one of these malicious pages could infect a user's computer with Trojans, adware, spyware or other undesirable applications.
The Sophos report also said that a little over half (51%) of the malware-stricken websites are on Apache-run servers. Apache is open-source Web server software. Meanwhile, Microsoft's Internet Information Services (IIS) Web server accounted for 34% of malicious or compromised systems. Both figures follow the course of Web server market share, said Netcraft Ltd., a UK-based Internet measuring company.
In a recent instance (June 2007), a group of 10,000 regular websites was used to launch attacks. These sites were hosted on Italian servers that were hacked by exploiting a vulnerability. Then the multiple-exploit toolkit MPack was loaded on these servers to capture the PCs that visited their sites.
According to Sophos findings, the US was the highest spam-sending nation, accounting for 19.2% of total spam. China followed with 7.7%, while South Korea was at 6.7%. Australia occupied the 36th position in the list of spam-producing countries.
» SPAMfighter News - 07-08-2007