Website infected every 3.6 seconds

By Angela Moscaritolo on Jul 23, 2009 11:02AM

Infected websites have been the single biggest threat over the past six months, and the threat vectors that have seen the most growth are Web 2.0 and social networking technologies, according to a report released this week by security firm Sophos.

Approximately 23,500 infected webpages are discovered every day - which amounts to a new infection every 3.6 seconds - according to the report. That infection rate is faster than in 2008, during which the first half of that year saw a newly-infected website being identified every 4.5 seconds.

“Compromised sites are the threat that people are most likely to encounter,” Sophos' Richard Wang said.

Over the past few months, security firms have frequently warned about a number of the mass-compromise attacks, such as Gumblar, Belanden or Nine-Ball, all of which were said to have compromised tens of thousands of legitimate sites by injecting them with malicious code that redirects users to malware.

Another increasingly worrisome problem for organisations are threats originating from social networks, according to the report. Going forward, cybercriminals will continue to try out different techniques utilising Web 2.0 technology, such as writing code that works across social networks, Wang said.

Recently, one piece of malware distributed through Facebook was designed to steal Twitter credentials. It then aimed to send posts from compromised Twitter accounts directing users to malicious websites, Wang said. According to the report, a quarter of businesses have already been victims of spam, phishing or malware attacks propagated on social networking sites like Twitter, Facebook, Myspace and LinkedIn.

“IT departments have been saying for years, 'don't click on spam and open attachments,' but haven't gotten across that social networks can also be sources of potentially dangerous material,” Wang said.

In addition, social networking sites themselves are to blame for this trend, having grown quickly without putting adequate security in place to keep users secure, Graham Cluley, Sophos' senior technology consultant, told SCMagazineUS.com.

“They have very successfully gathered a huge audience, but they are not necessarily keeping them safe,” Cluley said.

Cluley recommended that social networking sites now must do their part by focusing more on security. He said they should be scanning messages sent between social networking users to determine if they are spam. Also, these organisations should analyse traffic for suspicious behavior – if hundreds of Tweets all say the exact same thing, for example, they may have been posted by compromised accounts.

Besides leveraging Web 2.0 technologies and compromising websites, malware authors have also been diligently writing new exploits during the past six months. Currently 22.5 million identified malware samples are in existence – an all time high, Wang said. Twelve months ago, there were only 12.3 million samples total, he added.

“In the last 12 months the criminals and hackers have written as much malicious software as the total of all the years up to that combined,” Wang said.

In addition, 40,000 new suspicious files are examined every day in Sophos' Lab, the report states.

See original article on scmagazineus.com