Regular domains beat smut sites at hosting malware
99 to 1, study finds
New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the web are likely to avoid exposure to malware.
HTML files from sub-domain blackberry.vodafone.co.uk still contain malicious code at the time of writing but point to a site containing the attack payload site that has been pulled offline.
"Users browsing Vodafone domain should be safe - until new hack/updated hack will be performed," Avast researcher Miloslav Korenko told The Reg. "This may happen in the same way as the first hack.
"Of course, the Blackberry section of Vodafone.co.uk website needs to be cleaned as well - to prevent future attack similar to this one."
We have passed on details of the problem to Vodafone and will update this story as and when we get a response.
The type of attack against Vodafone is typical of one in five of the website infections identified by Avast. The anti-virus firm's results were culled from anonymous security incident logs submitted by users of its security software since the middle of last year. Data submitted includes information on the malware type and visited website, from which Avast draws its conclusions that infection of regular legitimate websites is a far more common cause of problems than visits to smut sites.
Infected sites recorded by the study include Brazilian software download site Baixaki and a variety of small business websites in Germany. Avast said a declining rate of the infections on ‘adult’ websites during its study emerged as a clear trend.
"We are not recommending people to start searching for erotic content but the statistics are clear - for every infected adult domain we identify there are 99 others with perfectly legitimate content that are also infected," commented Avast CTO Ondrej Vlcek. ®