The annual HP TippingPoint DVLabs security survey has shown a huge increase in the number of automated toolkits aimed at web exploits.
The 2010 report found that web exploits accounted for 49 per cent of all reported vulnerabilities, against a 10 per cent increase in overall flaws found last year. Attackers are focusing on this area with new automated tools the company said.
In the past five years the researchers have seen an explosion in the number of malware toolkits aimed at exploiting web vulnerabilities.
Such software is easy to use, very effective and highly profitable, and the design of modern kits mimics conventional content management systems in appearance and in servicing the needs of users.
"Malware writers are making more money from services than from selling the toolkits," Mike Dausin, manager of advanced security intelligence at HP TippingPoint DVLabs, told V3.co.uk.
"Services are very valuable for the success of a toolkit. The attacker wants maximum effectiveness and can get this by paying more than a one-time fee."
Most malware toolkits contain at least one zero-day exploit, he said, as well as attack tools for flaws which have been patched - some four years old.
The toolkit author then makes extra money by offering services from exploit testing to updating attack software so that it can more easily deal with firewalls.
Overall, the lowest performing kit was still able to penetrate around seven per cent of systems encountered, while the best came close to infecting one in five systems. Prices range from a few hundred dollars to several thousand for the most effective malware kits.
However, security firms are not the only targets for these toolkits. Modern kits, once a host PC has been infected, will seek out any competitor malware and remove it from the system.
"One exploit toolkit can detect if a competitor has already installed other malware, and then cleans up the system to eliminate competition. It's a very capitalist kind of behaviour," Dausin said.
He also reported an excellent response among manufacturers towards the company's Zero Day Initiative, which sets a six-month time limit for the disclosure of vulnerabilities after the manufacturer has been informed of the flaw. Patching rates had tripled since the initiative started, Dausin said.
Addison Lee is working on autonomous taxis for commuting and pleasure
IBM and Technical University of Munich team demonstrate how Shor's algorithm, which can't be cracked by conventional computers, can be solved quickly with quantum computing
Hubble Space Telescope finds superflares from young red dwarfs could strip away planetary atmosphere
Younger stars are 100 to 1,000 times more energetic than when they're older
Two of the big four supermarkets will use the system to control sales of restricted products