You are here: Home > News > Article
Home
Business & Finance
News
U.S.
Politics
International
Technology
Entertainment
Sports
Lifestyle
Oddly Enough
Health
Science
Special Coverage
Video
Pictures
Your View
The Great Debate
Blogs
Weather
Reader Feedback
Do More With Reuters
RSSRSS Feed
Widgets
Mobile
Podcasts
Newsletters
Your View
Partner Services
CareerBuilder
Affiliate Network
Professional Products
Support (Customer Zone)
Reuters Media
Financial Products
About Thomson Reuters

ScanSafe Reports 407 Percent Increase in Compromise of Legitimate Websites

Thu Jun 5, 2008 8:00am EDT
 
[-] Text [+] 
68 Percent of Malware Now Found on Legitimate Sites
LONDON & SAN MATEO, Calif.--(Business Wire)--
In a Security Brief issued today, ScanSafe, the pioneer and
leading provider of SaaS (software-as-a-service) Web security,
reported that 68 percent of all Web-based malware it blocked on behalf
of its corporate customers in May was found on legitimate sites, up
more than 407 percent compared to May 2007.

   The increase is the result of an unprecedented series of attacks
that have outfitted hundreds of thousands of legitimate sites with
malicious scripts and iframes designed to silently deliver password
stealers and backdoors to visitors' computers.

   "The compromise techniques being used now allow hackers to quickly
'colonize' thousands of legitimate sites, from big brand name sites
like Wal-Mart, to smaller but equally legitimate sites," says Mary
Landesman, senior security researcher at ScanSafe.

   The Security brief is based on a comparison of the Web-threat
landscape in May 2007--six months before these large scale
attacks--with data from May 2008. It is based on the more than 10
billion Web requests ScanSafe scans each month for its corporate
customers in more than 60 countries.

   Specifically, the company reported a 220 percent increase in the
amount of Web-based malware--viruses, Trojans, password stealers and
other malicious code. The fastest growing category of threats is
backdoor and password-stealing malware, which increased 855 percent
from May 2007 to May 2008, putting sensitive corporate data at serious
risk of theft.

   The Web was riddled with compromised sites in May 2008, largely as
a result of ongoing SQL injection attacks that began in late October
2007 affecting hundreds of thousands of websites. In parallel, another
highly prolific series of attacks have been rendered through the use
of stolen FTP credentials. Among legitimate sites compromised in May
2008 were Nature.com, Foofighterslive.com, Thecareercompany.co.uk,
Acer.co.th, Webster.edu and Photopass.com.

   "Over the last year malware authors have moved away from direct
attacks--attacks in which they directly interact with victims, via
social engineering for example--to indirect attacks accomplished
through compromised websites. These indirect attacks not only leverage
stealthier techniques, like the insertion of an invisible iframe, but
they leverage legitimate, name brand sites that Web surfers implicitly
trust. The net result is that you absolutely cannot assume that
because you are on a brand name or well known site that it is a safe
site. We've been saying this for some time but it bears repeating in
light of this astronomical increase. Currently, thousands of
legitimate sites are being compromised daily," says Landesman.

   For a copy of the ScanSafe STAT Security Brief: A Comparative Look
at the State of Web Security, May 2007-May 2008, please visit
www.scansafe.com/threat_center/threat_alerts/stat_security_brief.

   About ScanSafe

   ScanSafe is the largest global provider of SaaS Web Security,
ensuring a safe and productive Internet environment for businesses.
ScanSafe solutions keep viruses and spyware off corporate networks and
allow businesses to control and secure the use of the Web and instant
messaging. As a fully managed service, ScanSafe's solutions require no
hardware, upfront capital costs or maintenance and provide
unparalleled real-time threat protection. Powered by its proactive,
multilayered Outbreak Intelligence(TM) threat detection technology,
ScanSafe scans more than 10 billion Web requests and blocks 100
million threats each month for customers in over 60 countries.

   With offices in London and San Mateo, California, ScanSafe is
privately owned and financed by Benchmark Capital and Scale Venture
Partners. The company received a 2007 CODiE award for Best Software as
a Service Solution, the 2008 and 2007 SC Magazine Europe Award for
Best Content Security Solution and was named one of Red Herring's Top
100 Technology companies. For more information, visit
www.scansafe.com.

ScanSafe
Sheila O'Neill, +1-650-294-3463 (U.S. Media)
Mobile: +1-303-324-7310
sheila.oneill@scansafe.com
Susie Bailey, +44 (0) 20 7959 0630 (EMEA Media)
Mobile: +44 (0) 7875 360 437
susie.bailey@scansafe.com

Copyright Business Wire 2008

 

Featured Broker sponsored link

Editor's Choice

British artist David Hockney poses for photographers at Tate Britain in LondonSlideshowSlideshow 

A selection of our best photos from the past 24 hours.  Slideshow 

Most Popular on Reuters

  • Articles
  • Video