Download the new Switched app for your iPhone

Skip to Content

Engadget for the iPhone: download the app now
AOL Tech

Filed under: Internet, Security, News

Web-based malware attacks growing at an astonishing rate


Dasient, the web security firm founded by ex-Google staffers that launched in June of this year, have published a blog post which shows just how dangerous a place the web is becoming.

If you do any computer service - either as a job or a favor to friends and family - you've no doubt seen the end result of these attacks. Fake antivirus applications continue to be the biggest source of business at my day job. That's all thanks to a web that has been slow to adapt to the presence of these threats.

According to the data Dasient has gathered to date, they estimate the number of compromised web sites to be about 640,000. Netcraft puts the total number of sites on the Internet at around 240 million - so compromised sites only amount to .26% of the whole. Still, those 640,000 sites are serving as many many as 5.8 million infected pages says Dasient, up sharply from the 3 million pages earlier this year reported by Microsoft.

Do different methods account for the big change? Not so much, says Dasient. The rapid rate of growth in threats is borne out by the parallel growth of blacklists maintained by companies like Google.

Dasient notes four common weaknesses that are being exploited: compromised FTP credentials, server-side vulnerabilities, unpatched or unknown web application vulnerabilities, and ad networks (even unknowingly) serving malicious ads.

The best "poisoned" advertising example to date would have to be the New York Times website, which was unwittingly serving malicious links just a few weeks ago. The incident underscored just how big a problem this has become. You no longer have to be looking for cracked or pirated software, illegal music, or pornographic pictures and videos to be at risk. Mainstream sites are being targeted, putting even more users at risk.

It's more important than ever to make sure you protect yourself. If you're using Windows, arm yourself with a good antivirus and security tools. Linux and Mac users - yes, you're safe for now from most of these threats but certain attacks - like phishing - can effect you, too. Keep your web browser, plugins, and OS fully updated, and make sure you know what you're clicking before you click it.

For users on any operating system the free WebOfTrust add-on for Firefox, IE, and Google Chrome (read more about the WOT add-on) can help defend you against malicious links and site. It's well worth installing, especially on a Web that is under siege by malware.
jobs & resumes
iPhone / Android Developer

Bump Technologies, Inc. - Mountain View, CA (2 weeks ago)

See More Relevant Jobs ›

Reader Comments (Page 1 of 1)

Featured Time Waster

Level Up! A platform-hopping RPG Time-Waster

I don't know if this is a labor of love or merely the brainchild of four very gifted games designers, but Level Up is a really weird mash-up of gaming elements that you have probably never seen in a Flash game before. Let's start with the premise itself: Groundhog Day meets Memento. The game experience revolves around 'days': you explore the world and the clock slowly ticks towards the evening. You bounce around picking up gems and talking to the denizens of 'Level Upland'. Eventually you feel tired and head back to ...

View more Time Wasters


Follow us on Twitter!

More Tech Coverage

Joystiq

TUAW

DailyFinance

Autoblog

Urlesque

Engadget

WoW

Switched.com

FanHouse