Malware threats more than doubled in the first three months of
the year, said internet security firm Sophos.
In the first quarter of 2007, Sophos identified 23,864 new
threats - more than double the number found in the same period last
year when the company identified 9,450,
causing concern for security bosses.
At the same time, the percentage of infected email has dropped
from 1.3%, or one in 77 emails in the first three months of 2006,
to one in 256, or just 0.4 percent in 2007.
But from January to the end of March, Sophos identified an
average of 5,000 new infected webpages every day, indicating that
this route to infection is becoming more popular with
cybercriminals.
With computer users becoming increasingly aware of how to
protect against email-aware viruses and malware, hackers have
turned to the web as their preferred vector of attack, said
Sophos.
Not all of the infected websites were created by the hackers
themselves. Sophos has found that the majority
- 70% - were bonafide websites that were vulnerable to attack
because they were unpatched, poorly coded or had not been
maintained by their owners.
The most high profile website infection of the quarter happened
in February, when hackers placed malicious script, identified as
Mal/Packer on the official Miami Dolphins website.
The American football team was due to host the Super Bowl the
weekend after this happened, so its site was an extremely popular
destination for web surfers at the time.
The top ten malware families hosted on websites in the first
three months of
2007 were as follows:
1. Troj/Fujif 50.8%
2. Troj/Ifradv 12.1%
3. Troj/Decdec 10.4%
4. Mal/Packer 6.3%
5. JS/EncIFra 5.5%
6. Mal/FunDF 2.3%
7. Mal/Psyme 2.2%
8. Troj/Zlob 2.0%
9. Mal/Behav 1.2%
10. Mal/DelpBanc 0.4%
Others 6.8%
UK outside spammers' 'dirty dozen'>>
Preventing malware with tools and security
education>>
NASA hacker loses US extradition appeal>>
Miami Dophins>>