
Security experts at the anti-malware company attribute this to the Mal/Iframe threat, which has dominated the threat landscape last month, accounting for nearly half of all the world’s web attacks. This form of attack exploits vulnerabilities on legitimate sites to install malicious code on to the webpages. Users become infected after visiting the site.
"The Iframe-based attacks are a perfect example of a prolific web threat that targets vulnerable sites," said Carole Theriault, senior security consultant at Sophos. “People are lured to these innocent but compromised webpages via cleverly worded email invitations. Web security has to go beyond blocking websites based upon category alone."
According to the research China and Hong Kong host more than half (56 percent) of the infected sites detected by Sophos last month, a 20 percent increase when compared to March. The report claims this is due to China hosting a large chunk of unpatched websites infected with the Iframe malware.