/>
X

Malware on 'trusted' websites has quadrupled

The amount of web-based malware hosted by trusted websites has increased by over 400 percent since last year, according to security vendor ScanSafe.
tom-espiner.jpg
Written by Tom Espiner, Senior Reporter on

The amount of web-based malware hosted by trusted websites has increased by over 400 percent since last year, according to security vendor ScanSafe.

In a security report entitled A comparative look at the state of web security, May 2007-May 2008, released on Thursday, ScanSafe found 68 percent of all internet-based malware was now being hosted on legitimate sites.

"The compromise techniques being used now allow hackers to quickly 'colonise' thousands of legitimate sites, from big brand-name sites, to smaller but equally legitimate sites," said Mary Landesman, senior security researcher at ScanSafe.

Techniques to compromise websites, including Iframe and SQL injection attacks, are becoming more ubiquitous, ScanSafe warned.

The fastest-growing category of threats hosted on the sites was backdoor and password-stealing malware, which increased 855 percent from May 2007 to May 2008. There was also a 220 percent increase in the amount of Trojans, viruses, password stealers and other malicious code being hosted on the web, according to ScanSafe.

"Over the last year malware authors have moved away from direct attacks — attacks in which they directly interact with victims, via social engineering for example — to indirect attacks accomplished through compromised websites," said Landesman.

Related

This stuff is better than compressed air for cleaning your dirty tech
img-6864

This stuff is better than compressed air for cleaning your dirty tech

Office Hardware & Appliances
Linus Torvalds is cautiously optimistic about bringing Rust into Linux kernel's next release
rusty gears

Linus Torvalds is cautiously optimistic about bringing Rust into Linux kernel's next release

Enterprise Software
Google looks to reduce pushback bias in developers' software code review
close up programmer man hand typing on keyboard at computer desktop for input coding language to software for fix bug and defect of system in operation room , technology concept

Google looks to reduce pushback bias in developers' software code review

Developer