The security software-as-a-service provider reported that 68 percent of all Web-based malware it blocked on behalf of its enterprise customers last month was found on legitimate sites, up more than 407 percent compared to the same time last year.
SQL injection attacks are the most common cause of these sites became compromised, according to ScanSafe. This method of attack is designed to deliver "password stealers and backdoors to visitors’ computers", the firm said.
“The criminals are leveraging the popularity of these web sites - when you compromise a site drawing hundreds of thousands of visitors a day it's a much faster way to reach [a large audience]," said ScanSafe senior researcher, Mary Landesman.
"In terms of what IT managers can do for theri own web servers; OWASP is an open web app security project offering tools and technologies to assist the web site owner."
In related security news, Raimund Genes, chief technology officer of Web security vendor TrendMicro, has hit out at current malware testing techniques, labeling them "antiquated".
The firm has said it will no longer support testing by Virus Bulletin – regarded as one of the premier independent testers in the anti-virus industry – because of the organisation's failure to recognise modern testing techniques such as behavioural analysis and heuristics.
He added that widespread testing methodologies such as pattern matching and whitelisting are not effective in detecting modern day threats, which are ever-changing and more covert.
"Testing procedures and methodologies were developed twenty years ago when incidents were isolated and viruses were written for fun," Genes argued.
"As long as malware is tested in an isolated lab environment with no internet connection, it is not relevant – security companies want independent testing in real-life scenarios."
Genes explained that the major security vendors which are members of industry body the Anti Malware Testing Standards Organisation (AMTSO), are currently working towards new testing methodologies.