Feeds

Beloved websites riddled with crimeware

Web 2.0 malware mash-up madness

Securing Web Applications Made Simple and Scalable

Sixty of the 100 most popular websites either hosted malicious content or linked to malicious websites at some point during the first six months of 2008, according to a new study by web security firm Websense.

Many of these sites include search engine and social networking sites that are becoming a popular target for attackers thanks to their huge user bases allied to inadequate security controls. Open redirects that allow hackers to bounce surfers off well-known sites onto dodgy domains are a big part of this problem, according to Carl Leonard, security research manager EMEA at Websense. SQL injection attacks are also a major cause of grief, he added.

Websense recorded a market increase in drive-by download attacks that involve hackers loading malicious scripts, using tactics such as SQL injection attacks, onto otherwise reputable websites. More than 75 per cent of the Web sites Websense classified as malicious during the 1H 2008 were legitimate websites that had become the victim of cybercrooks. In the past, the majority of malware would crop up on warez and smut sites.

Overall 29 percent of malicious Web attacks included data-stealing code, demonstrating that information pilfering rather than simple mischief is becoming a more and more significant driver of malware creation.

Brazilian and Chinese hackers get all the blame but the majority of spyware sends its information back to systems based in the US.

Around half (46 per cent) of the malware attacks monitored by Websense in the first half of 2008 send data back over the web with connections made to systems in the US in 57.3 per cent of these cases. By comparison, just 6 per cent of spyware phones home to China, only 4.3 per cent pings Russia and a similar 4 per cent hooks up with cybercrooks in Brazil.

Websense's Leonard cautioned that its findings don't necessarily mean malware-spreading cybercrooks are mostly based in the US. "It could be the attacker is located in a different country. cybercrime is international," he said.

In other findings, Websense recorded a marked drop in malicious code created using exploitation kits over recent months. It reckons VXers are using customised attacks more often in an attempt to bypass signature detection tools that are likely to block the product of rudimentary malware creation toolkits.

A summary of Websense's latest research can be found here. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.