Web malware spreads 35%, says security survey

Daily news headlines

LONDON – Web-based threats from malware - software that is designed to infiltrate or damage computer systems - are “growing exponentially”, with a 35% rise in April alone, according to monthly research by web security firm Scansafe. More than 500,000 high-profile sites such as the United Nations’ website have had their databases targeted by the latest wave of a so-called ‘SQL injection’. Meanwhile an ‘iframe injection’ is misdirecting search queries to malware downloads on a multitude of middle-tier sites that, although relatively small individually, together constitute the ‘long tail’ of the internet.

Searches made on infected sites using popular consumer security software such as McAfee SiteAdvisor failed to flag or block the sites. The research is based on billions of web requests Scansafe logs on behalf of business customers worldwide. The inability of consumer software to deflect such malware attacks is a growing threat both inside and outside the office – as more roaming employees compromise security accessing sensitive corporate material simultaneous to leisure sites.

“It is unlikely we have seen the last of either of these attacks. Given the improved targeting and growing number of compromises, web surfers will want to be increasingly cautious,” says Mary Landesman, a senior security researcher at Scansafe.

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact info@risk.net to find out more.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here