Security company Dasient released a study today indicating the number of Web sites infected with malware and malvertisements in the third quarter of 2010 to be 1.2 million, double its estimate from the same time period last year. And you can't simply avoid shady sites to keep yourself safe either, the report said: government sites are prime targets.
According to Dasient (which, it is worth noting, sells Web antimalware solutions), while other methods of spreading malware—such as spreading viruses via e-mail—continue to grow, "drive-by-downloads and rogue antimalware attacks eclipse other methods of malware distribution."
The most infected domains are .com, .ru, and .info. Attacks from .ru (Russia) have surged since last year, and those from .cn (China) have dropped. The top ten attacker domains were:
- riotassistance.ru
- mybar.us
- myads.name
- toolbarcom.org
- freead.name
- adnet.biz
- pqshow.org
- pantscow.ru
- nt02.co.in
- nuttypiano.com
Social Media Infections
In particular, the study singled out the growth of social media as a prime target for cyber criminals. Expect more aggressive attacks on Facebook, along the lines of the Koobface botnet, and Twitter, which fell prey to an XSS attack in September. The Twitter XSS attack redirected users to porn and malware sites, and Koobface attack modules spammed Facebook (and MySpace, Twitter, Hi5, Bebo, and Friendster) with malicious links to try to get them to download rogue antimalware.
Advertising Infections
In Q3 of 2010, Dasient estimates that 1.5 million malvertisments per day were served in 2010. This includes those that were delivered by drive-by-downloads and via fake antivirus campaigns. The average lifetime of one of these campaigns was just over 11 days. With this rate of churn, it's clear that it's vitally important to always keep your antivirus software updated.
Government Infections
It's not just social networks or shady fly-by-night sites that serve up these infections, either; cyber criminals are increasingly targeting government Web sites, too. NIH.gov, the site of the National Institute of Health, which gets an estimated 9.5 million page views per month, was infected five times in the period of 2009 to 2010, with the most recent infection in October of 2010. CA.gov was in infected five times during the study period, and Alabama's AL.gov was infected a shocking 37 times before they got control of the problem—the last reported infection was in July 2009.
As PCMag lead analyst for security, Neil Rubenking, points out, government sites may be increasingly vulnerable in this era of budget belt-tightening. If government sites get hacked, there may not be anyone to notice—and there's even less likely to be anyone on hand who can quickly fix the problem.
How to Protect Yourself
Clearly, it's more important than ever to keep yourself protected. If you don't already have protection or are looking for new antivirus app now that the 2011 choices are mostly available, read our roundup of 20 AV apps (including both free and premium choices), The Best Antivirus for 2011.