Web attacks routinely hosted by real websites

**Glaswegian** · 05-16-2009, 02:38 PM

The number of legitimate websites being hacked to host malware has hit startling highs in recent days, new figures from MessageLabs have revealed.

Data taken from the days between the 4th to 8th of May showed that 84.6 percent of websites blocked by the company for hosting malicious content were ‘well-established' domains that have been around for a year or more.

During the same period, 10.2 percent of blocked domains were less than a year old and only 3.1 percent were less than a week old.

At first glance this, this runs counter to the assumption that malicious websites more commonly exist for only days or hours in some cases, the better to avoid detection and filtering. This is termed ‘fast-fluxing', cycling websites through a maze of bogus sub-domains.

However, according to MessageLabs, the likely explanation is that a move to genuine domains means that the fast-fluxing has now migrated to use a different part of the domain tree.

"The bad guys will compromise the DNS and add sub-domains," said MessageLabs' Paul Wood. The recent figure represented a high mark, admitted Wood, but still represented a gathering storm.

"People need to be extra vigilant and understand that even sites they know and trust can be compromised through attacks such as SQL injection attacks, while businesses need to ensure they take the necessary precautions to block all the latest malicious sites," said Wood.

http://www.techworld.com/security/ne...&NewsID=115931

dhanubaba · 05-19-2009, 12:21 AM

SQL injection is primary type of attack That Can Be Occur, But Modern web Sites cant hack by using SQL injection. So Its Out Of Fashion.

05-16-2009, 02:38 PM	#1 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,186 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Web attacks routinely hosted by real websites The number of legitimate websites being hacked to host malware has hit startling highs in recent days, new figures from MessageLabs have revealed. Data taken from the days between the 4th to 8th of May showed that 84.6 percent of websites blocked by the company for hosting malicious content were ‘well-established' domains that have been around for a year or more. During the same period, 10.2 percent of blocked domains were less than a year old and only 3.1 percent were less than a week old. At first glance this, this runs counter to the assumption that malicious websites more commonly exist for only days or hours in some cases, the better to avoid detection and filtering. This is termed ‘fast-fluxing', cycling websites through a maze of bogus sub-domains. However, according to MessageLabs, the likely explanation is that a move to genuine domains means that the fast-fluxing has now migrated to use a different part of the domain tree. "The bad guys will compromise the DNS and add sub-domains," said MessageLabs' Paul Wood. The recent figure represented a high mark, admitted Wood, but still represented a gathering storm. "People need to be extra vigilant and understand that even sites they know and trust can be compromised through attacks such as SQL injection attacks, while businesses need to ensure they take the necessary precautions to block all the latest malicious sites," said Wood. http://www.techworld.com/security/ne...&NewsID=115931 __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner

05-19-2009, 12:21 AM	#2 (permalink)
dhanubaba Registered User Join Date: Jan 2009 Posts: 14 OS: Windows Vista	Re: Web attacks routinely hosted by real websites SQL injection is primary type of attack That Can Be Occur, But Modern web Sites cant hack by using SQL injection. So Its Out Of Fashion.