Hackers have infected over 380,000 new webpages with malware
since the beginning of September, according to security firm
Sophos.
This represents a new infection every five seconds.
The firm said more than 90% of these web pages belong to
legitimate sites that have been compromised through hacking
techniques such as
SQL injection.
Recent victims include BusinessWeek, Unicef, UK government sites
and the International Tennis Federation.
This means a large number of websites being visited by
businesses pose a
threat
because simply visiting a site can infect unprotected users.
Sophos has announced a new service to notify website
administrators if their site is hosting malicious code.
Carole Theriault, senior security consultant at Sophos, said the
WebAlert service provides companies with visibility as to whether
their websites are being attacked.
"For too long it has been child's play for hackers to infect
websites without the owner of the site ever being aware. Many firms
have still not coded their websites correctly or taken the
preventative measures necessary to stop infections like this
occurring," she said.