Advertisement
Promo

Security threats Toolkit in association with http://ad.doubleclick.net/clk;214682528;14505427;f?http://uk.blackberry.com/ataglance/security/

Web-based malware on legit sites soars

Tom Espiner ZDNet.co.uk

Published: 05 Jun 2008 17:30 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The amount of web-based malware on legitimate sites has increased by over 400 percent since last year, according to security vendor ScanSafe.

In a security report entitled A comparative look at the state of web security, May 2007-May 2008, released on Thursday, ScanSafe found 68 percent of all internet-based malware was now being hosted on legitimate sites.

"The compromise techniques being used now allow hackers to quickly 'colonise' thousands of legitimate sites, from big brand-name sites, to smaller but equally legitimate sites," said Mary Landesman, senior security researcher at ScanSafe.

Techniques to compromise websites, including Iframe and SQL injection attacks, are becoming more ubiquitous, ScanSafe warned.

Watch this

Whitelisting: The new blacklisting?
Video Story Video Control Panel

The fastest-growing category of threats hosted on the sites was backdoor and password-stealing malware, which increased 855 percent from May 2007 to May 2008. There was also a 220 percent increase in the amount of Trojans, viruses, and other malicious code being hosted on the web, according to ScanSafe.

"Over the last year malware authors have moved away from direct attacks — attacks in which they directly interact with victims, via social engineering for example — to indirect attacks accomplished through compromised websites," said Landesman.

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
38 out of 67 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related Jobs

Web Designer

PHP Joomla Senior Web Developer London 40k

Malware Research Project Manager

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Nasa hacker petition presented to Numb...

Sting's wife Trudie Styler and Janis Sharp have presented a petition to Number 10 calling for Nasa hacker Gary McKinnon not to be extradited to the US. Styler, and Sharp, who is... More

Post a comment

UK to appoint cyber-sec tsar?

The UK is to appoint a cyber security tsar along the lines of the US, according to a story in the Telegraph this morning. The story is similar to one that appeared in the Guardian... More

Post a comment

Nokia Siemens denies Iran web snoop

Nokia Siemens has denied providing deep packet inspection capabilities to the Iranian authorities, following an article in the Wall Street Journal on Monday. The WSJ published the... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters