All the latest UK technology news, reviews and analysis


Malware-servicing websites rocket 600 percent, say researchers

14 Feb 2013
Security padlock image

The number of malware-serving websites has rocketed 600 percent over the past year, according to researchers.

Security firm WebSense said that attackers are increasingly looking to construct websites which contain automated attack code. While some pages are deliberately built to serve malware, WebSense estimates that as many as 85 percent are otherwise legitimate pages which have been compromised.

"These attacks were staged predominantly on legitimate sites and challenge traditional approaches to security and trust," explained Websense Security Labs vice president Charles Renert.

"The timed, targeted nature of these advanced threats indicates a new breed of sophisticated attacker who is intent on compromising increasingly higher-yield targets."

The growth in attack sites coincides with a rise in the use of automated exploit kits. The attack kits, which can cost hundreds of dollars, are able to inject code into a web page which automatically attempts to perform exploits on a number of common vulnerabilities.

More sophisticated packages can also screen for operating systems, browser type and version number.

In addition to the rise in malicious pages, researchers believe that Trojan downloaders are becoming more efficient in infecting users. WebSense reported that half of the downloaded malware it observed will download and execute additional malicious applications within 60 seconds of installation.

Websites containing malware were most likely to target audiences in the US, Russia and China. Those three countries were also the most likely to house the command servers behind the malware, although China was a more common location than the US.

Websense also logged increases in social networking and mobile malware. Researchers noted that 32 percent of malicious links on social networks were now using URL-shortening tools to obfuscate themselves, making detection by end-users more difficult.

For mobile malware, the 'Trojan' approach is growing in popularity. Websense found that one in every 10 malicious applications attempted to download and install additional applications, a common technique in desktop malware.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Microsoft Azure outage

Is cloud computing reliable enough for business yet?
16%
6%
12%
66%

Popular Threads

Powered by Disqus
Samsung Galaxy S5 has a 5.1in 1080p HD Super AMOLED screen

Galaxy S5 waterproof claims tested out

We test whether Samsung's latest flagship really can repel water

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

IT Helpdesk / Support Analyst - MS Windows, Office

IT Helpdesk / Support Analyst - MS Windows, Office...

Support Engineer - Windows, MS Office

Support Engineer - Windows, MS Office Support Engineer...

Service Desk Analyst / Helpdesk Analyst - Legal, MS Office 2010, Windows 7

Service Desk Analyst / Helpdesk Analyst - Legal, MS Office...

Technical Support Analyst / Service Desk Analyst (Legal, MS Office, ITIL) - 24/7

Technical Support Analyst / Service Desk Analyst (Legal...
To send to more than one email address, simply separate each address with a comma.