Sophos: Web leaves email behind as attacker vector of choice

Hackers are increasingly spreading malware via the web rather than email, according to new research.

The latest report by Sophos revealed that the number of websites hosting malware jumped to 245,790 in April, with an average of 8,193 new infected websites per day.

Experts at the anti-malware vendor attributed the findings to the Mal/Iframe method, which dominated the threat landscape last month, accounting for nearly half of the world’s web attacks.

The stats show a definitive shift away from email-borne attacks, said Ron O’Brien, senior security analyst at Sophos, which has U.S. headquarters in Boston.

"We are seeing a steady increase in web-based attacks compared to email-based malware," he said. "As 70 percent of web-based malware is being hosted on innocent but exploited websites due to vulnerabilities, website owners really need to tighten their security to ensure that visitors are not being infected."

This type of attack exploits vulnerabilities on legitimate websites to install malicious code. Users are infected after they visit the site, said the researchers.

"The Iframe-based attacks are a perfect example of a prolific web threat that targets vulnerable sites," said Carole Theriault, senior security consultant at Sophos. "People are lured to these innocent but compromised webpages via cleverly worded email invitations. Web security has to go beyond blocking websites based upon category alone."

China and Hong Kong hosted 56 percent of the infected sites detected by Sophos last month, a 20 percent increase from March. Sophos attributed this to the large number of unpatched websites hosted in China that are infected with the Iframe malware.

