The majority of the web’s most visited sites pose security threats, according to research by security vendor Websense. The research found that 61 of the Internet’s top 100 sites were either hosting malicious content or containing a masked redirect to a malicious website in the last year.
The number of malicious web sites on the Internet has grown almost 700% compared with the same time last year, and 77% of these are legitimate sites that have been compromised by malicious code.
The study found many of these breaches were the result of three large-scale SQL injection campaigns, named Gumblar, Beladen and Nine Ball, which utilised ‘drive-by’ exploits to install Trojan downloaders on more than 40,000 legitimate web sites.
Botnet-based SQL injection attacks have become increasingly popular ever since the Asprox botnet demonstrated that automating a relatively low-level ‘script-kiddie’ attack could be very successful.
Such attacks send database commands to servers through poorly coded entry fields on web pages. The servers are typically instructed to download and execute a malicious program, which then steals data from or serves ads to visitors to the legitimate website.
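What a "poorly coded entry field" looks like beside its hardened form, as an added example that is not from Websense or the original article. The `pages` table, the function names and the form value are all constructed for illustration, with Python's built-in `sqlite3` standing in for the site's database.

```python
import sqlite3

def make_db():
    """Constructed sample data: a small 'pages' table behind a web form."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, owner TEXT, title TEXT)")
    db.executemany("INSERT INTO pages (owner, title) VALUES (?, ?)",
                   [("alice", "Home"), ("bob", "News"), ("carol", "Contact")])
    return db

def rename_page_unsafe(db, page_id, new_title):
    # Poorly coded: the field value is pasted into the SQL text, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    db.execute(f"UPDATE pages SET title = '{new_title}' WHERE id = {page_id}")

def rename_page_safe(db, page_id, new_title):
    # Hardened: the statement text is fixed; values travel as bound
    # parameters and are never parsed as SQL.
    db.execute("UPDATE pages SET title = ? WHERE id = ?", (new_title, int(page_id)))

def titles(db):
    return [row[0] for row in db.execute("SELECT title FROM pages ORDER BY id")]

# Constructed form input: the quote closes the literal and "--" comments
# out the WHERE clause that limited the update to one row.
FIELD_VALUE = "injected-marker' --"

def demo():
    unsafe_db, safe_db = make_db(), make_db()
    rename_page_unsafe(unsafe_db, 1, FIELD_VALUE)
    rename_page_safe(safe_db, 1, FIELD_VALUE)
    return titles(unsafe_db), titles(safe_db)

if __name__ == "__main__":
    unsafe, safe = demo()
    print("concatenated: ", unsafe)   # every page's title was rewritten
    print("parameterized:", safe)     # only page 1 changed; input stored as text
```

With the concatenated query, one field submission changes every row's content, including pages owned by other users; with bound parameters the same input is stored as an odd-looking title on the single intended row.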
Websense also reported that the total volume of email containing viruses increased 600% in the month of June. In addition, the automated submission of blog and forum comments containing links to malicious web pages was increasingly popular; the security firm estimated 95% of all user-generated comments are spam or malicious.