14 DAY TRIAL // According to a Symantec report 90% of all websites used to spread malware or launch attacks against users are legitimate ones that have been compromised. For over half of the remaining 10%, that are malicious by design, attackers register new domains every day.
The data used to compile the report (PDF) comes from MessageLabs, Symantec's Hosted Services, through which the vendor sells corporate Web, email and instant messaging security solutions, and reveals that overall the quantity of Web malicious attacks has increased. In this respect, MessageLabs's Web Security Service has blocked 20% more requests per client per month in 2010 compared to the same period in 2009.
The block rate has been on a constant increasing trend since January and in March, the middle of the period considered for this report, over fourty percent of the company clients experienced at least one such incident. The company reveals that 90% of these blocks were caused by attacks distributing traditional malware, while 4% were triggered by pop-up ads, attempts to track the user's behavior or modify how their browser operates.
According to the report the vast majority of malicious pages are now hosted on legit websites that have been compromised and injected with rogue code. "The reality is that infected websites are no longer confined to the ‘dodgy’ margins of the internet. There are now probably many tens of thousands of them – and 90% are perfectly legitimate, often mainstream sites that, unknown to their owners, have been compromised in some way by the sophisticated, skilled and determined gangs of cyber-criminals who now dominate the online ‘underworld’," the MessageLabs researchers write.
For the remaining 10 percent of websites, which were created specifically for malicious purposes, the attackers register new domains at an average rate of 65% per day. It is also evident from the data that there are more malicious domains created daily than there is malware. However, this is on a descending trend - the number of new domains registered every day has been decreasing from month to month, while the rate of new daily malware has remained fairly constant.
You can follow the editor on Twitter @lconstantin