Feeds

Mass web infections spike to 6 million pages

640k sites out to get you

Top 5 reasons to deploy VMware with Tegile

An estimated 5.8 million pages belonging to 640,000 websites were infected with code designed to launch malware attacks on visitors, according to a report released Tuesday.

The numbers, compiled over the third quarter by security firm Dasient, represent a significant jump in number of legitimate websites that have been compromised. According to numbers Microsoft released on April, some 3 million pages were infected. The number of sites blocked by Google more than doubled between December and August, to almost 350,000.

"The bad guys are significantly taking advantage of attacking servers so they can distribute their malware to a very, very large number of clients," said Dasient co-founder Ameet Ranadive. "A lot of these infections are complex and often pretty obfuscated, so it's difficult for experienced webmasters to figure out what parts of their site have been infected and then to remediate it."

To understand just how hard it is for webmasters to clean up the mess, consider this: In the third quarter, 39.6 percent of compromised sites had been reinfected after trying earlier to clean up the malware. Criminals are often able to attack a site repeatedly because webmasters fail to change passwords or patch vulnerable web applications that led to the initial exploit.

Eleven days ago, ScanSafe, a separate security firm that announced Tuesday it is being acquired by Cisco, reported that more than 2,000 websites were compromised by a mass web infection known as Gumblar. Many of those sites were likely hit in earlier waves and simply reinfected, a ScanSafe researcher said at the time.

An estimated 54.8 percent of the attacks observed by Dasient involved malicious javascript that was injected into compromised sites. iFrames that silently redirected users to malicious sites came in second at 37.1. Dasient has cataloged more than 72,000 unique malware infections involving websites.

The attacks are growing in popularity because they allow criminals to reach large numbers of victims with a minimum amount of effort. For end users who fail to install the latest versions of Adobe Reader, Adobe Flash and other software on their machines, the attacks often result in a "browse and get compromised" scenario, in which their systems are surreptitiously infected simply by visiting the site.

"Hackers are starting to see some success from these attacks and whenever they see success, they continue to invest more," Ranadive said. ®

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.