Most Malware Pages are ‘Hacked’ Legitimate Sites

During the eight months from December 2006 to July 2007, the total number of Websites hosting malware increased six-fold from 5,000 per day to more than 30,000, according to records from Sophos. Of these, criminals owned and ran only 20% because the rest were legitimate sites being exploited by malware, which shows the extent of danger on regular sites.

Hackers' attacks targeting regular Web pages are no surprise. Business organizations generally don't impose strict restrictions on its employees about accessing the malware-hosting Websites. Above all, since these sites already receive their own flow of traffic, hackers don't have to take the trouble of trying to lure less savvy Web surfers, said Carole Theriault, senior security consultant at Sophos. ZD Net Australia published Theriault's remarks on August 3, 2007.

As organizations adopt positive steps to protect their e-mail from online attacks, criminals are turning to drive-by assaults on legitimate Websites, said Paul Ducklin, chief of technology at Sophos in a statement. ZD Net Australia published Ducklin's statement on August 3, 2007.

Adam Biviano, Australian premium services manager at Trend Micro, said that people in general are becoming familiar about threats on e-mail so they have started to use the Web as the next suitable avenue for e-communication. But still, they can encounter threats of drive-by attacks. It only requires browsing the website to get the system infected. ZD Net Australia reported this on August 3, 2007.

According to Sophos, e-mails containing malware have drastically declined from one in 40 some years back to one in 400 now. Ducklin said that after reaching the point of maximum returns from e-mail scams, cyber criminals are now getting returns at diminishing rates so they are focusing on the Web route as a more successful method for harvesting information.

Sophos observes that inserting links to infected Web pages into e-mail attachments is currently the chosen malware vector rather than sending malware directly through e-mail attachments. Sophos' research further indicates that China, Russia and US host 86% of the world's malicious Websites and criminals there popularly use stupefying JavaScript and iFrames to deliver the malicious codes.

Related article: Most Malware Use File Packing To Escape Detection

» SPAMfighter News - 8/17/2007