A fresh round of attacks aimed at hiding malicious code on legitimate websites this week has prompted warnings to companies to check the vulnerability of their webservers.
The proportion of attacks carried out by injecting code based on the database query language SQL has jumped to 59% from record levels of 46% of blocked code in May, according to security supplier Scansafe.
Research has shown the vast majority of websites are vulnerable to SQL injection, said Steve Moyle, chief technology officer at security firm Secerno.
Scansafe said only 2% of the SQL-injection-style attacks can be detected using traditional signature-based methods.
Moyle said the only way to prevent these kinds of attacks is to specifically block SQL injections, which are designed to get past signature-detection methods.
Charlie Abrahams, EMEA vice-president for trademark monitoring firm Markmonitor, said companies need to use a holistic approach to stay ahead of criminals.
Earlier this month, Scansafe said more than two-thirds of web-based malware is now found on legitimate websites for organisations including Wal-Mart in the US and the Royal Statistical Society in the UK.
Mary Landesman, senior security researcher at Scansafe, said the security firm had seen a 121% increase in the number of malware attacks this week.
She said the number of malicious networks was continuing to increase with 54 different ones being recorded in the first 11 days of June.
According to Landesman, many of the networks are previously suspended domains that have been released with the result that some of those involved in the late May and early June attacks are now active again.
"Not only newly compromised sites are foisting the malware, but any sites previously compromised that have not cleaned up their pages and properly formatted their SQL queries will now once again be serving as conveyor belts for password stealing trojans," Landesman said in her blog.