Malicious Content Found More on Well Established Sites

    May 13, 2009
    Chris Crum

MessageLabs Intelligence released some new  information today indicating that the assumption that most web-based malware resides on fly-by-night websites touting adult content, is an "old-fashioned notion."

Instead, a MessageLabs (part of Symantec) spokesperson tells WebProNews that cybercriminals are more likely to be hiding on legitimate web sites tha have been compromised.

Data from the week of May 5th shows that:

– 84% of site domains blocked for hosting malicious content are well-established domains that are over a year old.

– 15.4% of domains blocked are sites that are less than a year old.

– 10.2% are less than a month old.

– 3.1% are less than a week old.

Paul Wood of MessageLabs"It is highly likely that older sites are legitimate sites, while those that are only a week old or less are likely to be temporary sites set up with the sole purpose of distributing malware," said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec.

"People need to be extra vigilant and understand that even sites they know and trust can be compromised through attacks such as SQL injection attacks, while businesses need to ensure they take the necessary precautions to block all the latest malicious sites," added Wood. "With the ever advancing world of cyber crime, nothing can be taken at face value."

In other words, you’re not safe anywhere. As the RZA would say, "Ya Best Protect Ya Neck."