(Page 1 of 4 )
Malware has grown to the point where the attackers no longer seek out the victims directly through email, but instead let the victim come to them through an enticing website advertisement. They hide within the sites like a crime syndicate using waste management as a front to run their criminal organization, only these guys aren't as lovable as Tony Soprano.
There has been news recently coming from the security watchers over at Sophos that has shed more light on the always-disturbing trend of website hacking. Malware-serving web pages were detected at a rate of 6000 per day; that's 2 million a year or one every 14 seconds. And the fact that they were figuring conservatively only adds to the concern web masters should have regarding their sites' vulnerability and security. This is because over 80% of the hacked sites belonged to innocent, unsuspecting users, usually those with sites offering some kind of service for sale through the site.
As I've been hinting at, drive by-downloads from compromised sites has become the increasingly popular trend. In a report published in May of 2007, Google mentioned that at least one in ten web pages are infected with malware. Niels Provos, one of the Google researchers had this to say: "Even a single visit to an infected website enables the attacker to detect vulnerabilities in the user's applications and force the download of a multitude of malware binaries."
The reason for this increase in drive-by download malware distribution is the Web 2.0 feature that allows for more user feedback on sites that have the designated application. These applications, which are often not kept up to date, are easily compromised when used on top of a simple web browser. The most common methods of compromising a site were “Web server security, user-contributed content, advertising and third party agents.”
The most installed type of malware was Trojan horses, which as the name suggests, is software that appears to perform one action, but instead performs something totally different, like a computer virus. In the case of drive by downloads, the software code puts a user's system under the remote control of a hacker, thereby turning the user's PC into a zombie.
The next section will go into the specifics of what happens to an infected PC, so keep reading if you would like to find out.
More Web Hosting News Articles
More By Michael Lowry