Infected web page numbers soar
The number of web pages infected by predatory malware has more than doubled over the last two months, with many legitimate big-name brands unwittingly hosting poisoned pages that could ensnare visitors.
Figures revealed exclusively to E&T by online security firm Sophos show that during August 2008 its SophosLabs division detected more than 1 million new infected webpages - that’s about 32,000 each day, or around one every three seconds. This compares to a rate of one infection every 12 seconds that SophosLabs found in the first half of 2008.
“Typically, hackers use SQL injection techniques to insert malicious code into the web page itself, so that when browsed it will redirect visitors to another site, or present a pop-up window offering free security software that is, in fact, a link to a malware site,” says SophosLabs director Mark Harris. “Infected websites we have identified included high-profile names such as bbc.co.uk, bestwestern.co.uk, hasbro.co.uk, sharp.co.uk, www.atptennis.com, and the official Sony PlayStation site in the US.”
Before publicising a known infected site, SophosLabs notifies its administrators: “Most are cleaned up very quickly,” says Harris. “But until then it still leaves a significant window of opportunity for cyber crooks.”
This type of threat has “sneaked past many website administrators who are either not aware of the risk, or if they are running Linux or UNIX platforms, have convinced themselves that Open Source environments are less vulnerable to attack,” Harris adds. “But in the first half of 2008 we found that Apache web server software was used on at least 59 per cent of all infected websites.”
As organisations get better at protecting their systems against hacking and viruses, web server attacks will become increasingly favoured by cyber criminals, Harris believes: “Detection doesn’t equal protection. The rate of infection shows no signs of abating.”