Dramatic Increase In Malicious Websites, Reports Websense

A look back at 2010 by researchers at Websense revealed that a mix of better tactics and black hat search engine optimisation (SEO) laid the foundation for a dramatic jump in malicious sites for the year.

In the “Websense 2010 Threat Report“, researchers had mostly bad news for users – the number of malicious sites increased 111.4 percent between 2009 and 2010. Nearly 80 percent of all malicious sites are compromised legitimate Websites, a statistic Websense senior manager of security research Patrik Runald called “a huge number”.

News Searches Are Targeted

“Attacks by numbers work very well for the bad guys so, as they continuously improve the way they work, combined with attacks on some very large hosting companies… the total number of [malicious] sites goes up substantially,” he said.

Search engine optimisation by attackers has not helped the situation. According to the company, Web users searching for breaking news have a 22.4 percent chance of being lured to a malicious site – more than those searching for adult content, who have a 21.8 percent chance.

“The earthquakes in Haiti and Chile, [actor] Corey Haim’s death, and the World Cup of Soccer [FIFA World Cup] were just a few examples of cleverly manipulated search engine results steering people to bogus links that rated higher than legitimate results,” according to the report. “Similar to what we found in 2009, the botnets behind these campaigns are being repurposed once the illegitimate campaign has been removed from the search engine results.”

“Many of the 2010 SEO attacks were blended in nature, with a second component consisting of rogue AV [antivirus],” the report continued. “Both approaches used bogus AV campaigns offering free health scans that identified fake infections. Upon notification of a fake virus, users were prompted to download a free “antivirus” software where a second scan asked them for their credit card information to remove the fake malware.”

Researchers said they expect to see more black hat SEOs combined with rogue antivirus and email containing data-stealing components in the coming 12 months. For 2010, shopping remained the leading topic of spam, compromising 12 percent. The next 10 percent contained “pump-and-dump” spam – where spammers buy shares in a little-known company, hype it up by email and, when the price starts to rise, sell the shares at a profit.

According to the report, the US was the number one country hosting crimeware and phishing sites in 2010.

“Stable servers and good Internet connections are two reasons,” Runald said. “While it is easy to think that a lot of the stolen data is sent to servers in eastern European or Asian countries, the fact is that the attackers need stable systems just like the rest of us. And the US is definitely up there in terms of stability, so it’s logical that it’s one of the most popular hosting countries. That doesn’t mean, of course, that the attackers are based in the US.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

View Comments

  • Remember of course that Websense have a vested interest in reporting ever increasing dangers.

    I’d trust an independent review far more.
    Furthermore their alogorithms used to detect sites are of course confidential and are sometimes far too broad in identifying rogue sites.

    Just this morning websense blocking access to a clients site – http://www.positiveactiongroup.org. The Websense website has steadily rejected my attempts to register and correct their view of that website.

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

30 mins ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

17 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

20 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

21 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

22 hours ago