Web threats hit 12-month high

Cyber-criminals are increasingly using web-based malware

The number of new malicious websites rose by 58 per cent in June to its highest level since April 2007, security experts warned today.

The latest MessageLabs Intelligence Report attributed the rise to a jump in the number of spyware and adware sites being blocked.

"Web-based malware has become a dangerous tool in the arsenal of cyber-criminals," said Mark Sunner, chief security analyst at MessageLabs.

"The bad guys know that web-borne attacks are uncharted territory for many computer users and are taking advantage of this in addition to vulnerabilities and weak security in web applications."

Sunner added that businesses that allow employee access to any website, and sites with webmail accounts that have not been scanned by corporate security systems, are at particular risk.

"In April MessageLabs stopped an attack spoofing YouTube videos, not mailed out as links but distributed via user-generated content sites like blogs and links posted on comments pages," said Sunner.

"This is testament to the fact that spammers are using content that historically works, but vary the distribution tactics so as to go relatively unrecognised in their motives."

Activity from the Storm botnet declined from 20 per cent in the first quarter to less than five per cent during the second quarter of 2008.

This has forced spammers to turn to rival botnets like Srizbi which is now responsible for around 40 per cent of all spam.

Despite web threats reaching new levels over the past year, the amount of spam, viruses and phishing attacks blocked by MessageLabs remained steady compared with May 2008.