Cyber-criminalsare shifting from
using e-mail to using web pages as their main route to compromising
computers, according to security software supplier
Sophos.
Sophos is trapping almost 30,000 new malicious web pages a day
in its honeypots, a six-fold rise in six months, said Sophos's
senior technology consultant, Graham Cluley.
Speaking at the launch of Sophos's half-yearly
e-crime report, Cluley said the rise is a sign of the growing
industrialisation of computer crime.
"The attacks are also getting sneakier," he said. "Once
attackers wanted the bragging rights, now they want to stay hidden
for as long as possible."
Cluley said most attacks were designed to harvest personal and
company data, and to create
botnets that attackers could rent out for spamming, denial of
service, and other forms of compromise.
"We are also seeing women being stalked online and more
politically motivated attacks, such as the recent incidents of
Russia and Estonia, and India and Pakistan," Cluley said.
The main threats came from China and the US, but Cluley said
they had traced one attack that used a "Sexy pix of Britney" spam
attack in the UK that led to a website via a compromised server in
New York state. This led to Beijing and Rostov, where it picked up
an
Trojan horse for collecting bank account details, before ending
up in Rio de Janiero.
"But that is not necessarily where it ended it is just that the
trail ran dead in Brazil," Cluely said.
Cluley said Apache servers were compromised in 51% of attacks,
with Microsoft servers involved in 43%.
Top web-based threats of 2007
The top-ten list of web-based malware hosted on infected
sites during the first six months of 2007 reads as
follows:
1. Mal/Iframe 49.2%
2. Troj/Fujif 7.9%
3. JS/EncIFra 7.3%
4. Troj/Psyme 8.3%
5. Troj/Decdec 6.9%
6. Troj/Ifradv 4.1%
7. Mal/ObfJS 2.5%
8. Mal/Packer 1.5%
9. VBS/Redlof 1.1%
10. Mal/FunDF 0.9%
Other 10.3%
Source: Sophos
Comment on this article:
computer.weekly@rbi.co.uk