Ninety Percent of Malicious Sites are Infected Legitimate Ones

[Peaches]

Ninety Percent of Malicious Sites are Infected Legitimate Ones

More malicious domains created daily than malware

According to a Symantec report 90% of all websites used to spread malware or launch attacks against users are legitimate ones that have been compromised. For over half of the remaining 10%, that are malicious by design, attackers register new domains every day.

The block rate has been on a constant increasing trend since January and in March, the middle of the period considered for this report, over fourty percent of the company clients experienced at least one such incident. The company reveals that 90% of these blocks were caused by attacks distributing traditional malware, while 4% were triggered by pop-up ads, attempts to track the user's behavior or modify how their browser operates.

According to the report the vast majority of malicious pages are now hosted on legit websites that have been compromised and injected with rogue code. "The reality is that infected websites are no longer confined to the 'dodgy' margins of the internet. There are now probably many tens of thousands of them – and 90% are perfectly legitimate, often mainstream sites that, unknown to their owners, have been compromised in some way by the sophisticated, skilled and determined gangs of cyber-criminals who now dominate the online 'underworld'," the MessageLabs researchers write.

More details - http://news.softpedi...es-146838.shtml