Web-based malware on legit sites soars

The amount of web-based malware on legitimate sites has increased by over 400 percent since last year, according to security vendor ScanSafe.

In a security report entitled A comparative look at the state of web security, May 2007-May 2008, released on Thursday, ScanSafe found 68 percent of all internet-based malware was now being hosted on legitimate sites.

"The compromise techniques being used now allow hackers to quickly 'colonise' thousands of legitimate sites, from big brand-name sites, to smaller but equally legitimate sites," said Mary Landesman, senior security researcher at ScanSafe.

Techniques to compromise websites, including Iframe and SQL injection attacks, are becoming more ubiquitous, ScanSafe warned.

The fastest-growing category of threats hosted on the sites was backdoor and password-stealing malware, which increased 855 percent from May 2007 to May 2008. There was also a 220 percent increase in the amount of Trojans, viruses, and other malicious code being hosted on the web, according to ScanSafe.

"Over the last year malware authors have moved away from direct attacks — attacks in which they directly interact with victims, via social engineering for example — to indirect attacks accomplished through compromised websites," said Landesman.