ZDNet UK - Where Technology Means Business

ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

Web-based malware on legit sites soars

Tom Espiner ZDNet.co.uk

Published: 05 Jun 2008 17:30 BST

The amount of web-based malware on legitimate sites has increased by over 400 percent since last year, according to security vendor ScanSafe.

In a security report entitled A comparative look at the state of web security, May 2007-May 2008, released on Thursday, ScanSafe found 68 percent of all internet-based malware was now being hosted on legitimate sites.

"The compromise techniques being used now allow hackers to quickly 'colonise' thousands of legitimate sites, from big brand-name sites, to smaller but equally legitimate sites," said Mary Landesman, senior security researcher at ScanSafe.

Techniques to compromise websites, including Iframe and SQL injection attacks, are becoming more ubiquitous, ScanSafe warned.

Watch this

Whitelisting: The new blacklisting?

The fastest-growing category of threats hosted on the sites was backdoor and password-stealing malware, which increased 855 percent from May 2007 to May 2008. There was also a 220 percent increase in the amount of Trojans, viruses, and other malicious code being hosted on the web, according to ScanSafe.

"Over the last year malware authors have moved away from direct attacks — attacks in which they directly interact with victims, via social engineering for example — to indirect attacks accomplished through compromised websites," said Landesman.

Did you find this article useful?
33 out of 62 people found this useful

Full Talkback thread

0 comments

Related Links

Most Recent
Most Popular
Most Discussed

More In Security threats

Company/Topic Alerts

Create a new alert from the list below:

Install Flash Player Plugin

Nasa and the virus

Yesterday the BBC ran a story about a computer virus making it into orbit, which I read with incredulity. OK, it's a nice silly season story on the surface, but what really got me was... More

Customer data found on eBay server hig...

The recent news about customer details being retrieved from a server sold on eBay is yet another story about the sorry state of information security in the electronic age (see: http://news.zdnet.co.uk/...m).... More

Does it matter if you are an aardvark...

In spam terms, apparently it does. According to Cambridge University security expert Richard Clayton, if your email address is aardvark at animal.net, you are more likely to receive... More

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers

Skip Sub Navigation Links to CNET Brand Links

About CNET Networks UK

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved