In the first quarter of 2007, security firm Sophos PLC identified 23,864 new malware threats, more than double the 9,450 the company found in the same period last year. The company's report said this growth was spurred by a new movement to place malicious programs on websites: "With computer users becoming increasingly aware of how to protect against e-mail-aware viruses and malware, hackers have turned to the web as their preferred vector of attack." From January to the end of March, the company identified an average of 5,000 new infected web pages every day.
The majority (70%) of infected websites were vulnerable to attack because they were unpatched or poorly maintained by their owners. "What's most worrying is that so many websites are falling victim because the owners are failing to properly maintain them and keep up-to-date with their patches," said Carole Theriault, senior security consultant at Sophos. It doesn't help that the average internet user assumes popular websites are safe to access – for this reason, hackers are successfully infecting a larger number of surfers.
According to the report, China hosted the most websites carrying malware (40%) and the United States was second (29.2%). While the web is hosting more malware programs, the percentage of infected e-mail, dropped from 1.3% last year to 0.4%. The amount of spam, however, increased by 4.2%. Poland is a growing source of spam, the report said, with a single internet service provider — Polish Telecom — identified as the source for one in 20 spam messages worldwide.
News source: CBC News