Legitimate web sites hosting malware

"Drive-by" infections used to be the preserve of criminal sites only

Trojan horse viruses are spreading through social networking sites

Malware is more prevalent than ever and can now be downloaded unwittingly by visitors to legitimate web sites, according to security supplier Websense.

So-called "drive-by" downloads are usually the preserve of illegitimate web sites.

But hackers have found a way of hosting their malware on third-party web sites, said Websense vice president Dan Hubbard.

"More and more, attackers are compromising legitimate Web sites to infect visitors with information-stealing code or to add users’ machines to botnets," he said.

In August last year visitors to the United Nations' HIV/AIDS Asia Pacific portal inadvertently downloaded a Trojan horse that infected their computers with malicious code.

And criminals are also using social networking web sites to spread viruses.

In September last year malware spread through Myspace infected users with a Trojan that recruited their machines to a world-wide botnet.

Social networking sites are particularly vulnerable to exploitation because they offer easy routes to new machines.