Web wanderers are more likely to get a computer virus by visiting a religious website than by peering at porn, according to a study released on Tuesday.
“Drive-by attacks” in which hackers booby-trap legitimate websites with malicious code continue to be a bane, the US-based anti-virus vendor Symantec said in its Internet Security Threat Report.
The same article, or variations on the theme have been have been run by many news/technology venues such as InformationWeek, NYDailyNews, WallStreetJournal Blogs, CSO Online, PCWorld, etc. Many created their own stories from the report, so well worth a read.
Where did all this information come from:
Symantec Internet Security Threat Report – 2011
Malware in 2011
By analyzing malicious code we can determine which threats types and attack vectors are being employed. The endpoint is often the last line of defense, but it can often be the first-line of defense against attacks that spread using USB storage devices, insecure network connections and compromised, infected websites. Symantec’s cloud-based technology and reputation systems can also help to identify and block new and emerging attacks that haven’t been seen before, such as new targeted attacks employing previously unknown zero-day exploits. Analysis of malware activity trends both in the cloud and at the endpoint can help to shed light on the wider nature of threats confronting businesses, especially from blended attacks and threats facing mobile workers.Corresponding to their large internet populations, the United States, China and India remained the top sources for overall malicious activity. …
The reference about religious sites?
Moreover, religious and ideological sites were found to have triple the average number of threats per infected site than adult/pornographic sites. We hypothesize that this is because pornographic website owners already make money from the internet and, as a result, have a vested interest in keeping their sites malware-free – it’s not good for repeat business.
And here’s just one more small area of the report:
Exploiting the Web: Attack toolkits, rootkits and social networking threatsAttack toolkits, which allow criminals to create new malware and assemble an entire attack without having to write the software from scratch, account for nearly two-thirds (61%) of all threat activity on malicious websites. As these kits become more widespread, robust and easier to use, this number is expected to climb. New exploits are quickly incorporated into attack kits. Each new toolkit version released during the year is accompanied with increased malicious Web attack activity. As a new version emerges that incorporates new exploit functionality, we see an increased use of it in the wild, making as much use of the new exploits until potential victims have patched their systems. For example, the number of attacks using the Blackhole toolkit, which was very active in 2010, dropped to a few hundred attacks per day in the middle of 2011, but re-emerged with newer versions generating hundreds of thousands of infection attempts per day towards the end of the year.On average, attack toolkits contain around 10 different exploits, mostly focusing on browser independent plug-in vulnerabilities like Adobe Flash Player, Adobe Reader and Java. Popular kits can be updated every few days and each update may trigger a wave of new attacks.They are relatively easy to find and sold on the underground black market and web forums. Prices range from $40 to $4,000. …
The whole report is well worth a read! There is only so much you can put into an article.
Much more in the report!