Booby-trapped web pages are growing at an alarming rate with unsuspecting firms acting for nurseries for botnet farmers, according to a new study.

Security watchers at Sophos are discovering 6,000 new infected webpages every day, the equivalent of one every 14 seconds. Four in five (83 per cent) of these webpages actually belong to innocent companies and individuals, unaware that their sites have been hacked. Websites of all types, from those of antique dealers to ice cream manufacturers and wedding photographers, have hosted malware on behalf of virus writers, Sophos reports.

The study sheds fresh light on the well-understood problem of drive-by-downloads from compromised sites, a tactic that's come to eclipse virus-infected email as a means of spreading malware. Cybercrooks target users by spamvertising emails containing links to poisoned webpages, exposing unsuspecting victims to malware. At least one in ten web pages are booby-trapped with malware, according to a separate study by Google published last May.

Often these malware packages are designed to put compromised zombie PCs under the control of hackers.

Around half a million computers are infected by bots every day according to data compiled by PandaLabs, the research arm of anti-virus firm Panda Software. Approximately 11 percent of computers worldwide have become a part of criminal botnets, which are responsible for 85 percent of all spam sent, it said.

You've been iFramed

Compromised sites often contain browser exploits that allow hackers to push Trojans and the like onto vulnerable PCs. Sophos reports that the well-known iFrame vulnerability in Internet Explorer remained the preferred vector for malware attacks throughout last year. China (51.4 per cent) led the US (23.4 per cent) in the net security firm's list of malware-hosting countries. The figures represent a reversal from 2006, when China held second place after the US on the list of shame.

"We would like to see China making less of an impact on the charts in the coming year. Chinese computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today," said Graham Cluley, senior technology consultant at Sophos.®

More comments…

Related stories

Drive-by download attack compromises 500K websites (13 May 2008)
Security gumshoes locate source of mystery web compromise (16 April 2008)
Database Trojan infests pro-Tibet websites (14 April 2008)
Malware still malingering for up-to-date anti-virus users (11 April 2008)
Poisoned websites staying contaminated longer (31 March 2008)
Botnet farmers play the international exchange game (19 March 2008)
Trend Micro gets slashed in attack of the killer iframes (13 March 2008)
Mass compromise powers massive drive-by download attack (13 March 2008)
Critics chuck MS 'friendly worm' plan on the compost heap (15 February 2008)
Web browsers on the front line of exploitation (15 February 2008)
Hackers seed malware on Indian anti-virus site (8 February 2008)
Spammers dive into Google's lucky dip (30 January 2008)
Storm Worm turns one (18 January 2008)
Mexico and Africa to become malware hotspots (18 January 2008)
Most home routers 'vulnerable to remote take-over' (15 January 2008)
Browser vulns and botnets head threat list (14 January 2008)
Poisoned MySpace page masquerades as Windows Update (12 January 2008)
SoBig anniversary marks birth of the botnet (9 January 2008)
FBI crackdown on botnets gets results, but damage continues (29 November 2007)
Botmaster owns up to 250,000 zombie PCs (9 November 2007)
The balkanization of Storm Worm botnets (15 October 2007)
Guessing at compromised host numbers (25 September 2007)
One in 10 web pages laced with malware - Google (11 May 2007)