The greatest risk of exposure to malicious code on the Web comes not from fraudulent sites but from legitimate Web pages that have been compromised to include malicious programs, according to a study published last week by Web security firm ScanSafe.
The study, which compared more than 10 billion Web requests from May 2007 and May 2008, found that two-thirds of malicious software, or malware, comes from legitimate sites. While the company saw a 220 percent increase in Web-based malware in a year, software attacks launched from legitimate sites raced ahead, increasing more than 400 percent.
"The compromise techniques being used now allow hackers to quickly colonize thousands of legitimate sites, from big brand name sites like Wal-Mart, to smaller but equally legitimate sites," Mary Landesman, senior security researcher at ScanSafe, said in a statement.
The study is the latest report to find that hackers have moved toward using legitimate sites as a point from which to infect unsuspecting Web visitors. A number of attacks on vulnerabilities in Web-site databases and administration tools have allowed attackers to litter legitimate sites with malicious code. In January, Web security firm Websense announced that, for the first time, compromised legitimate sites accounted for 51 percent of all online points of infection.
Browser makers have responded to the danger by incorporating anti-malware features into their software.
The ScanSafe study also found that backdoor and password-stealing software had jumped more than 850 percent in the last year.
Posted by: Robert Lemos