Web's 'most infected' list too dirty to be made public
Two new Web security reports have highlighted the Internet as a ‘Wild West’, with some of its dirtiest websites seething with up to 20,000 malware infections.
According to the ‘Mid-year Trend and Risk Report’ from IBM Web threats are converging to create an ‘untenable risk landscape’ that’s akin to a “Wild West” where no-one is trustworthy. Its X-Force Internet security R&D division reports that malicious infiltration of Web server, client, and content is increasingly affecting sites that formerly held ‘trusted status’, such as mainstream search engines, blogs, bulletin boards, personal websites, and online publications, where security has not been well implemented.
IBM X-Force also reports that levels of veiled Web exploits – PDF files in particular – are growing at an escalating rate, with the amount of suspicious, obfuscated, or concealed content monitored by the IBM ISS Managed Security Services team nearly doubling in Q1-Q2/2009.
“There is now no such thing as safe browsing,” says X-Force Director Kris Lamb. “Every Web site should be viewed as suspicious; every user is at risk.”
Meanwhile, security solution firm Symantec has listed Summer 2009’s 100 Dirtiest Web Sites, sites that have been found to host between 18,000 and 20,000 malicious threats (compared to an average of 23) each. While 48 of the sites feature ‘adult’ content, the remainder cover a range of subject matter, including sites dedicated to catering, deer hunting, electronics e-tailing, figure skating, and legal services.
“Being dirty is nothing new for three-quarters of the sites on the list, which have distributed malware for more than six months,” says Symantec senior VP Rowan Trollope. “They represent the worst of the worst.”
The company has named and shamed 30 of the offending sites – see link below; the remaining 70 are, Symantec says, too obscene to be named into the public domain. Warning: E&T readers should not browse these sites.