The first half of 2008 has seen an explosion in threats spread via the web, the preferred vector of attack for financially-motivated cybercriminals. On average, Sophos detects 16,173 malicious webpages every day – or one every five seconds. This is three times faster than the rate seen during 2007.
Over 90 per cent of the webpages that are spreading Trojan horses and spyware are legitimate websites (some belonging to household brands and Fortune 500 companies) that have been hacked through SQL injection.
SQL injection attacks exploit security vulnerabilities and insert malicious code into the database running a website. Companies whose websites have been struck by such an attack often clean-up their database, only to be infected again a few hours later. Users who visit the affected websites risk having their computer taken over by hackers, and their personal banking information stolen by identity thieves.
Sophos has identified that the number one host for malware on the web is Blogger (Blogspot.com), which allows computer users to make their own websites easily at no charge. Hackers both set up malicious blogs on the service, and inject dangerous web links and content into innocent blogs in the form of comments. Blogspot.com accounts for 2 percent of all of the world’s malware hosted on the web.