Web-Based Malware Infections Have Doubled Since Last Year, Report Says

If you operate a legitimate website that has been infected by malware, you're not alone. Not by a long shot.

According to a third-quarter malware report issued today by anti-malware vendor Dasient, more than 1.2 million websites were infected last quarter -- more than twice as many as the same quarter a year ago.

"We're seeing real growth in the rate of infection since last year," says Neil Daswani, CTO and co-founder of Dasient. "And attackers are becoming more sophisticated in their use of anti-detection mechanisms -- they know what tools researchers are using and they're finding ways to avoid them."

Drive-by downloads and rogue antivirus scams are the most popular methods of conveying malware, according to the report. "While attackers continue to grow their use of almost every tool at their disposal [including spreading viruses via email attachment], our research indicates that the use of drive-by-downloads and rogue anti-virus schemes eclipse other modes of malware distribution," the report says.

Malvertising -- in which malware is hidden in advertisements carried by legitimate websites -- continues to be a growing attack vector, Dasient says. "We estimate that over 1.5 million malvertisements a day were served during Q3," Dasient states. "Our systems measured that the average lifetime of a malvertising campaign was 11.1 days, indicating that malvertisements continue to be an extremely effective means of malware distribution for cybercriminals."

The lion's share of malware attacks come from the .com domain, Dasient says, but the .ru domain -- Russia -- made a sharp jump in the third quarter, while the .cn domain (China) actually distributed less malware than in the previous quarter.

Interestingly, although overall malware infection has doubled in the past year, the volume of infections actually dropped during the third quarter. The report data does not indicate the reason for the drop-off, Daswani says, but it's possible that malware traffic drops off seasonally during the summer, just as most other Web traffic does.

"It's not surprising to see a dip in [malware] traffic during the summer months," Daswani says. "Attackers are people, too -- everybody needs a vacation."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.