[ISN] Report: Nearly 6 Million Infected Web Pages Across 640K Compromised Sites

From: InfoSec News <alerts_at_private>
Date: Wed, 28 Oct 2009 00:32:34 -0600 (CST)
http://www.darkreading.com/securityservices/security/app-security/showArticle.jhtml?articleID=220900638

By Kelly Jackson Higgins
DarkReading
Oct 27, 2009

More Websites are compromised today than ever, and about one-fifth of 
the pages on each newly compromised Website were infected as of this 
year's third quarter, according to new data gathered from real-time Web 
malware monitoring service provider Dasient.

Dasient, a startup whose co-founders include two former Google 
engineers, found 5.8 million individual Web pages infected across 
640,000 compromised Websites. That represents a major increase from 
Microsoft's report in April of some 3 million infected pages, according 
to Dasient, which runs a behavioral-based service to diagnose infected 
Websites.

Ameet Ranadive, one of Dasient's co-founders and a former strategy 
consultant at McKinsey, says his company also detected more than 52,000 
unique types of Web malware in the quarter. "Hackers are starting to see 
success here with Web-based attacks, so they are investing more in 
them," he says. "Websites are becoming more complex, and you have more 
Websites matching content, sourcing, and [banner] ads...creating 
opportunities to inject malicious content."

Among newly compromised Websites of 10 pages or more, nearly 20 percent 
of their pages were infected. The bad guys have been infecting more 
pages as a way to score more victims. "The more parts of a site that 
have been infected, the more difficult and challenging that it is to 
remediate and detect it," Ranadive says.

Reinfection of Websites is becoming a big problem, too: Of all the sites 
infected during the quarter, 39.6 percent were reinfected again during 
that period. That may be in part due to increasingly more complex and 
obfuscated malware that's hard to kill. "If a site is not [fully] 
clean...they are not only at risk, but at risk multiple times," Ranadive 
says.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Tue Oct 27 2009 - 23:32:34 PDT

This archive was generated by hypermail 2.2.0 : Tue Oct 27 2009 - 23:40:27 PDT