Rise of web-based malware in 2007
A survey by IT security and control firm Sophos into worldwide cyber-crime activity during the first three months of 2007 revealed that the overall number of new pieces of malware has grown dramatically, with the majority of malicious code writers selecting the web as their playground of choice.
In the first quarter of 2007, Sophos identified 23,864 new threats - more than double the number found in the same period last year when the company identified 9,450. At the same time, the percentage of infected e-mail has dropped from 1.3 per cent, or one in 77 e-mails in the first three months of 2006, to one in 256, or just 0.4 per cent in 2007.
From January to the end of March, Sophos identified an average of 5,000 new infected web pages every day, indicating that this route to infection is becoming more popular with cyber-criminals. With computer users becoming increasingly aware of how to protect against e-mail-aware viruses and malware, hackers have turned to the web as their preferred vector of attack, the company said.
Not all of the infected websites were created by the hackers themselves. Sophos has found that the majority, 70 per cent, were bona fide websites that were vulnerable to attack because they were unpatched, poorly coded or had not been maintained by their owners. A further 12.8 per cent were hosting malicious script while Windows malware was responsible for infecting 10.7 per cent. Adware was found on 4.8 per cent of these pages and porn diallers on 1.1 per cent.
Sophos recommends that businesses deploy web security solutions that not only filter based on website categorisation but that properly inspect the code of every website before granting access.
In another incident in March this year, cyber-criminals used spam campaigns to lure users to hacked sites in an attempt to sell goods. Legitimate websites with PHP vulnerabilities were hacked, redirecting visitors to a pharmaceutical store selling drugs. By using legitimate URLs in their spam messages, they were able to avoid less sophisticated spam filters, and when the victim clicked on the link they went to a genuine website only to then be automatically redirected to the hackers' site.
"What's most worrying is that so many websites are falling victim because the owners are failing to properly maintain them and keep up-to-date with their patches," explained Carole Theriault, senior security consultant at Sophos.
The top countries hosting web-based malware in Q1 2007 were China (41.1 per cent), the United States (29.2 per cent) and Russia (4.6 per cent).
There has been a dramatic increase in the number of hacked sites hosted by China, which is now responsible for hosting over a third of all web-based malware, taking top position from the United States, which led the chart at the end of 2006.
"China has traditionally had a bad reputation when it comes to cyber-crime, consistently coming in the top two spam relaying countries month after month, so its position in this chart should come as no real surprise," explained Ms Theriault.
Earlier last month, Sophos revealed that there was a surprise newcomer to the dirty dozen spam relaying countries. Having never made an appearance in this chart previously, Poland made a dramatic entry at number three and was responsible for relaying 7.4 per cent of all the world's spam. From January to March 2007, one in 20 of all spam messages worldwide was sent via Polish Telecom.
In total, the amount of spam relayed in Q1 2007 has increased by 4.2 per cent over the same period last year.
Sophos security software is available from local distributor Shireburn Ltd. More information at www.shireburn.com