informa
Commentary

More Mailicious Sites Than Ever. More On The Way.

The number of malicious sites detected in March jumped by almost 200% over February, according to a new report from MessageLabs. The increase consists primarily image-based malware: time to warn your employees (and everybody else) about the risks of image-sharing sites, including social nets.
The number of malicious sites detected in March jumped by almost 200% over February, according to a new report from MessageLabs. The increase consists primarily image-based malware: time to warn your employees (and everybody else) about the risks of image-sharing sites, including social nets.As far as malware-bearing Web sites go, March came in like a lion, and went out like one, too, as new figures from MessageLabs show.

The month saw a 197.2% increase in the number of blocked malicious Web sites worldwide, according to MessageLabs' Q1/March 2009 Intelligence Report.

The report notes that the increase quantifies the identification (and blocking) of 2,797 new malicious sites a day!

Much of the increase rests on an old malware technique finding new favor among the crooks: malicious code appended onto the end of image files; display the image and the malicious script executes, launching tracking software, for instance.

The technique is most effective with older versions of browsers: Time to remind your people to upgrade their Web tools to the latest, less vulnerable versions. (And to find out why they haven't done so sooner!)

Time as well for reminders that injection attack strategies, such as this, ride the image-sharing wave. Older browsers, image-sharing sites and social networks, and improperly protected (or educated) users is the combination the hackers are looking for.

And they're going to keep looking; I doubt the March jump in malware sites is a blip.

Spam, too, is on the rise once more, accounting for more than 75% of all e-mails, the MessageLabs report stated. That's nearly back to pre-McColo-takedown levels, to nobody's surprise.

E-mail carrying malicious links hit a nine month high in March, and that trend's not likely to drop dramatically any time soon, either.

The complete MessageLabs Q1/March 2009 Intelligence Report is here.

Recommended Reading: