"Dirtiest" websites host average 18,000 threats

Share this article:
The most dangerous sites on the web are propagating an average of 18,000 different pieces of malware, according to Symantec.

The security vendor on Wednesday put out a list of the most offensive sites on the web -- those hosting the most malware. As can be expected, 48 of the top 100 worst are adult-themed sites, but others featured diverse topics, ranging from deer hunting and catering, to figure skating, electronics and legal services.

Forty of the sites had more than 20,000 threats, according to Symantec. The most offensive site was propagating 56,371 viruses. And, three quarters of the sites on the list have been propagating malware for more than six months.

One U.S.-based catering site was home to 23,414 viruses, four drive by downloads, and three other security threats. A figure skating site hosted 7,135 threats, including viruses, identity-stealing malware and programs that track users' online activity, Dan Schrader, senior product manager, Symantec told SCMagazineUS.com on Thursday.

There are many different ways that sites can be infected with malware, but attackers typically use SQL injection techniques, which exploit vulnerabilities in web server technologies, Schrader said. Other times, the machines of individuals that maintain the website become infected and malware is inadvertently posted when the site is updated.

Schrader said he was surprised that were so many non-adult-themed sites on the list.

“We used to tell people if you stick with the ‘safe neighborhood' you will be safe, and what we are seeing from this list is that it's better if you stick to the safe neighborhood, but that doesn't mean you are safe,” Schrader said. “Your own judgment doesn't tell you anything about the security practices of that site.”

Ken Pappas, vice president of marketing and security strategist at network intrusion prevention vendor, Top Layer Security told SCMagazineUS.com on Thursday that the list of most-offensive websites is ever-changing and new websites are constantly being infected.

“This is not something like building a ten most-wanted for criminals at large,” Pappas said. “Whether it's ten viruses or ten thousand it doesn't matter; the point is, innocent people are going to what they believe is a legitimate and trusted website. They have no idea or warnings it will potentially put malware in the computer.”

According to security vendor Sophos' July security threat report, approximately 23,500 infected webpages are discovered every day – that's a new one every 3.6 seconds.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Florida Supreme Court rules warrants a must for real-time cell location tracking

Florida Supreme Court rules warrants a must for ...

The Florida Supreme Court put the kibosh on warrantless real-time tracking using location data obtained from cell phone providers.

Modular malware for OS X includes backdoor, keylogger components

Modular malware for OS X includes backdoor, keylogger ...

The modular malware was named "Ventir," by researchers at Kaspersky.

Fake Dropbox login page nabs credentials, is hosted on Dropbox

Fake Dropbox login page nabs credentials, is hosted ...

Symantec researchers received a phishing email linking recipients to a fake Dropbox login page that is hosted on Dropbox's user content domain and served over SSL.