The Threat

There has been a fundamental shift in the way that malware is distributed. Attackers plant malicious code onto legitimate websites and infect any visitors to that site with a virus.

Just by loading an infected web page in a browser, a virus can be downloaded to your computer without you knowing. Even worse, if you are responsible for administering a web site, and you get infected, the infection can spread onto web sites that you run.

  • Every 1.3 seconds a new web page is getting infected
  • Every month almost 2 million web pages across 210,000 websites are infected with Malware
  • Malware attacks have grown by 600% since 2008


There Are Many Ways That Websites Can Suffer a Malware Attack

Vulnerable web applications

  • Automated attack scripts look for un-patched versions of software such as blog, CMS, forum, and shopping cart packages
  • Attackers exploit SQL injection and cross-site scripting (XSS) vulnerabilities in older versions of software

Compromised web server

  • Attackers compromise a web server via network/scripting application vulnerabilities and modify the site’s content

Stolen administrative credentials

  • Hackers use keyloggers to steal FTP or other administrative credentials
  • Hackers Inject malicious content, or redirect visitors to an attacker's malware site

Malicious ads

  • Hackers create malicious ads and insert them into ad networks
  • Content sites that source in external ads are at risk of infecting users and getting blacklisted

3rd-party widgets

  • Hackers infect 3rd-party widgets (e.g., a traffic counter) or mash-ups
  • Content sites can be at risk of getting blacklisted because they source in content from an infected 3rd-party

User generated content

  • Malicious users can upload harmful links, HTML code, and files to a legitimate website

Get a Free White Paper

Drive-by-Downloads and Web Malware Threats

LEARN MORE »



Check Your Domain





Stay in Touch

Our Blog
read & comment

Twitter
@dasient