
More than two thirds of
web-based malware is now found on
legitimate web sites, according to a report by
security supplier Scansafe, an
increase of 407% compared with May 2007.
Mary Landesman, senior security researcher at Scansafe, said
hackers had moved away from direct attacks like social
engineering to focus on indirect attacks that use trusted brand
names.
"You absolutely cannot assume that because you are a well-known
site that it is safe. Currently, thousands of legitimate web sites
are being compromised daily," Mary Landesman said.
The report said there had also been a 220% increase in the
different kinds of web-based malware in the past year.
Authentication-bypass and password-stealing malware grew the
fastest with an 855% increase, which put sensitive corporate data
at serious risk, said Scansafe.
Since October last year there have been
hundreds of thousands of mainly China-based attacks, in which
hackers passed malicious code to visitors on legitimate
websites.
Visitors' computers are infected when they are redirected to
malicious servers using a
code injection method based on the
database query language SQL.
In the latest round of SQL-injection attacks this week,
Wal-Mart's website was compromised by exploiting a weakness in
Adobe's Flash Player software.
Hackers targeted several UK sites, including those of the Royal
Statistical Society, National Media Museum, Skills for Care, and a
number of businesses.
Landesman said the attacks were interesting because a much
larger number of malicious networks and servers were used than in the
past.
"Looks like either the attacker has changed tactics, or we've a
copycat on our hands," Landesman
said in her blog.