Web site owners 'failing to protect visitors' even from two-year-old viruses

by Guy J Kewney | posted on 01 June 2007

Mal/Iframe,  a virus which works by injecting malicious code onto legitimate web pages, continues to dominate the Sophos chart of top-ten "malicious software threats" accounting for 65% of all web-based threats in May.

 These are relatively old viruses - for example, Sophos has provided protection against Soraci for two years. "The appearance of these in the chart illustrates that many web administrators are failing to keep their websites safe from hackers intent on compromising their pages," accused Carole Theriault, senior security consultant at Sophos.

 "Attacks spreading on the web are becoming more frequent and more problematic for businesses every month," she explained  "Malicious sites don't need to host malware to be dangerous - we are also seeing and blocking access to 600 new phishing pages each day"..

The three newcomers, Redlof, Roor and Soraci, are all appending viruses, infecting, amongst others, HTM, HTML and HTT files.

"It's no longer enough for businesses simply to filter websites based on category - the real nasty attacks are most often found lurking on legitimate web pages," continued Theriault. "This is a wake up call for organisations with a website: being out of date with patches and running inadequate security has very real risks," said today's bulletin.

The good news: you can avoid most of the sites operated by these careless webmongers: just avoid Chinese and American hosted pages.

Ten Worst Hosting Countries
 1  China (inc HK)   53.2%
 2  United States  27.4%
 3  Germany   5.1% 
 4  Russia  3.5%
 5  Thailand  1.1%
 6  Ukraine   1.0% 
 7  UK  0.9%
 8  Taiwan  0.8%
 9  Canada  0.6%
 10  S Korea  0.5%

Technorati tags:   
general news (wireless) - You can discuss this article on our discussion board.