Malware spreads from email to web

New attacks look for vulnerabilities on legitimate web sites

Over half the world's web based threats are from one virus

Cybercriminals are increasingly preferring to spread their malware via the web than by email, according to the latest figures from vendor Sophos.

The vendor identified 245,790 web pages hosting malicious code were identified in April, averaging at 8,193 infected web pages each day.

Mal/Iframe, dominated the web-based malware chart in April, accounting for nearly half of the world's web threats. Iframe-based malware operates like a growing number of web-based attacks, looking for vulnerabilities on legitimate hosted web sites and injecting malicious code onto the site.

Once a site is infected, unwary visitors without web security, firewall or patches on their PCs, can themselves be infected.

'The Iframe-based attacks are a perfect example of a prolific web threat that targets vulnerable sites,' said Carole Theriault, senior security consultant at Sophos.
'Research shows that a whopping 70 per cent of web-based malware is being hosted on innocent but exploited web sites. Web security has to go beyond blocking web sites based upon category alone.'

China and Hong Kong were responsible for hosting more than half of the infected web sites identified, a significant increase when compared to March, when they were hosting 36 per cent.

China's rise in the chart is primarily due to the country hosting a large proportion of unpatched sites infected with this Iframe malware. However, 90 per cent of all Hong Kong-based hacked web sites detected were infected with Psyme.