Feeds

Mass web infections spike to 6 million pages

640k sites out to get you

Choosing a cloud hosting partner with confidence

An estimated 5.8 million pages belonging to 640,000 websites were infected with code designed to launch malware attacks on visitors, according to a report released Tuesday.

The numbers, compiled over the third quarter by security firm Dasient, represent a significant jump in number of legitimate websites that have been compromised. According to numbers Microsoft released on April, some 3 million pages were infected. The number of sites blocked by Google more than doubled between December and August, to almost 350,000.

"The bad guys are significantly taking advantage of attacking servers so they can distribute their malware to a very, very large number of clients," said Dasient co-founder Ameet Ranadive. "A lot of these infections are complex and often pretty obfuscated, so it's difficult for experienced webmasters to figure out what parts of their site have been infected and then to remediate it."

To understand just how hard it is for webmasters to clean up the mess, consider this: In the third quarter, 39.6 percent of compromised sites had been reinfected after trying earlier to clean up the malware. Criminals are often able to attack a site repeatedly because webmasters fail to change passwords or patch vulnerable web applications that led to the initial exploit.

Eleven days ago, ScanSafe, a separate security firm that announced Tuesday it is being acquired by Cisco, reported that more than 2,000 websites were compromised by a mass web infection known as Gumblar. Many of those sites were likely hit in earlier waves and simply reinfected, a ScanSafe researcher said at the time.

An estimated 54.8 percent of the attacks observed by Dasient involved malicious javascript that was injected into compromised sites. iFrames that silently redirected users to malicious sites came in second at 37.1. Dasient has cataloged more than 72,000 unique malware infections involving websites.

The attacks are growing in popularity because they allow criminals to reach large numbers of victims with a minimum amount of effort. For end users who fail to install the latest versions of Adobe Reader, Adobe Flash and other software on their machines, the attacks often result in a "browse and get compromised" scenario, in which their systems are surreptitiously infected simply by visiting the site.

"Hackers are starting to see some success from these attacks and whenever they see success, they continue to invest more," Ranadive said. ®

Beginner's guide to SSL certificates

More from The Register

next story
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.