MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_01CADC78.B65EC1D0" This document is a Single File Web Page, also known as a Web Archive file. If you are seeing this message, your browser or editor doesn't support Web Archive files. Please download a browser that supports Web Archive, such as Microsoft Internet Explorer. ------=_NextPart_01CADC78.B65EC1D0 Content-Location: file:///C:/EA89CAB4/MalwareReport.htm Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="us-ascii"

3Ddarkreading

Report: More Than 560,000 Websites Infe= cted In Q4

Web attacks get stealthier and more eff= icient; 5.5 million Web pages discovered to be infected

By Kelly Jackson Higgins,  DarkReading
Jan. 26, 2010
URL:http://www.darkreading.com/story/showArticle.jhtml?articleID=3D22250= 0206

A total of 5.5 million Web pages on more than 560,000 Websites were infe= cted in the fourth quarter, according to new data, with evidence that attackers = are waging less noticeable exploits in order to remain under the radar.

Dasient, which compiled the data from its proprietary malware analysis tool that gathers information on malware attac= ks on Websites, says the fourth-quarter 2009 numbers are actually a slight dec= line from the third quarter, when it found more than 640,000 infected Websites a= nd 5.8 million infected Web pages.

The decline, in part, could have to do with smarter, more sophisticated attacks: Infections of newly compromised Websites of 10 or more pages on average hit about 24 percent of the pages on those sites, a jump of 19 perc= ent from Q3. The infections basically spread to more pages on each site in the fourth quarter, according to Dasient's report.

Another indication that attackers are launching stealthier and more efficient attacks is in the number of programs used in the attacks. "We uncovered evidence of attackers getting more sophisticated and stealthy with their Web-based malware attacks," says Neil Daswa= ni, one of Dasient's co-founders. The average numbe= r of programs loaded onto a victim's machine from an infected Website was 2.8, w= hile two years ago attackers would typically send a dozen or more malicious prog= rams onto these machines, he says.

"With a large number of programs, the attack can become more noticeable," he says. "That said, attackers have optimized their attacks and made them more efficient such that, per our data, only two to t= hree programs come down to make the attack less noticeable and more targeted.&qu= ot;

That would mean a downloader and maybe one or two pieces of malware, according to the report.

Daswani says another surprising finding was = that static Web pages represented a large chunk of the infected Web pages -- 40 percent -- while dynamic Web applications and pages accounted for 55 percen= t of the infected URLs. "[That] means that static Web pages getting infected are quite significant -- more than one might expect," he says. "As things like stolen FTP credentials and malvertising can be used to infect both static and dynamic pages, an approach in which Webmasters defend only their dynamic pages is li= kely to fall short and potentially result in infections." The rate of Websi= tes getting reinfected within three months was 42 p= ercent in the fourth quarter, compared with 39 percent in the third quarter, accor= ding to Dasient's findings.

Have a comment on this story? Please click "Discuss" below.= If you'd like to contact Dark Reading's editors directly, send us a m= essage.

Copyright © 2= 007 CMP Media LLC

 

------=_NextPart_01CADC78.B65EC1D0 Content-Location: file:///C:/EA89CAB4/MalwareReport_files/image001.gif Content-Transfer-Encoding: base64 Content-Type: image/gif R0lGODlh5AA3APcyAAAAAGZmZswzM0BAQL+/v39/f7KysoyMjNnZ2XBwcM/PzxAQEO/v7+WZmfX1 9cXFxZ+fn4ODg+Li4t/f3zAwMKmpqdlmZqCgoCAgIPLMzGBgYOzs7JaWllBQUI+Pj6+vr3l5ec9A QNJNTfzy8ry8vN+AgPnl5fXZ2e+/v9ZZWeyysuKNjdxzc////+mlpeyzs+KMjOaZmf///wAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH/C01TT0ZGSUNFOS4wFwAA AAttc09QTVNPRkZJQ0U5LjBCPKT1ACH/C01TT0ZGSUNFOS4wGAAAAAxjbVBQSkNtcDA3MTIAAAAD SABzvAAh+QQBAAAyACwAAAAA5AA3AAAI/wBlCBxIsKDBgwgTKlzIsKHDhxAjSpxIsaLFixgzatzI saPHjyBDihxJsiRCAwFSBvggY0QJCytGZLCQgsWIEyxSoGhRAsUICyZQ0Gxwk4UJGCksWBB64oSF EQ4SpNQAYoPJq1izSgTxr+s/EDJUhHiR4oQKEQ1UtGBhoYQIEyJimBBwIoaIFSEyZBBx4oUIAS5M pIDxsgUDr/8wTNDKuLFjgQUQg0UhIMaLFi9CrHgxQgTnDIIDCzARI4XYpiFMyFghQmAGAaNlbFjg VfHj27hHRvYK1oQLFiH6hnDhU4RPFKFH0HURgsXbvapZC3RQs4UMCbS7YpCQu7t3jbu7Fv+QAWOp ABR+M5xoMZi5CQssUKSOATQEihOpybcWOFjgBsTbfSfggBGF95UMJrAFg0w0PYVTCpe9l4ILLahQ Ak/32STDbwPBEIN/2SXGHYEklngQV7xd9V9tI5roYm4OIPABBByQYFUEiI1XUIwzfsDBBw9YdZAE BDxQJHcOKABBBRco4ACILBLUAgJFVolAQS0YwAEEXHZ5AQQKHDRBl2SWaYB1Bm3A5ZUIKbAlmRxU UAECaBb0AI1hDiTBBRycedAGX17wpEESVBCBBgFwQAADJLWgQAchLoCBAQfkKOUFA4TYlaQJLFaQ B7QtsECTmXq1wAB0zhblQBNgEGping7/5AAFiNW6QAAtClRBrbz+M8CgBe02QJ0FodgrBgnkKlAA XSVA0K5dEXDQA17FKlALH2DA6wAPjESCpgBaKhADCfQKYLcEeYBYqbxS4AADIQY4Lq2m5kmQAwOY 6xUFjA70gb5e/WoQA/QuYC1BOAKMgZADlXvgQAbU1i9BCoRqbQuVmrsAuh4ZBq6+OsrwL8Cb5qou yf90q6p2nragQa0kHIRvVwF4YLMHB+RLc50jL3DAzUAf8AGxAlHrlQcIJUzBzzaDQK+vxDoMFsQh OltQxf8YPFCWtR3wAAkJZIcBA0RnJAEHvX78T8gOZLypq7wmUOfJtiLmJ3a1eZqwVxwg/zTzPzHf 67DWAo1MQdkJteBwVwIblHAHxG4QXuACSU1QxIhxLBDWhMtAMONsytDCA9lFEPpGH+jsVQAGkHAA uCHL4ADa3EoQ4wNPizgQ3ZtGQIIBkPopG4DcYe5VAYjLrjNLO2r7D/Mia8cwQ6qK2tXpAz0O7HQd NFun5RDXisH2nMeKgFfYywCBdrFrlIDzXYEArNHHY0mCsghEyjHvGw+0AZ3+ixcD8La65CmvK9Aj CL0u4C/tTIwh0NIA2v4RgbJpzyAT5FfD4nc5cE2taBYbCLQ0WJANDOCEVuNI9xBjrb+JxyFPW4C0 BMK7AShkRdpRQO46sD2D/C2B03GeAf8amJgeJsQBK6yAqsbmuK7w0CAKkN4GHyYQzGGAWV3hWPkG krHGYckBLTBgRVSXmAcqTlwlnIAa1YiAGO5PMgZcWWJyR8Ij6myGskpY50a2MAf48Y9gJFSobLfC BxDtgnYq2RQ/KAPMUaBVXXHX5kIokIwFQIwfISMFpicDA8VudAGggKhGqSkZ7i5HcQTY4RbytwTQ iAMc8IDqIkCQnp3wlrfUnOgmqIEnXaArGjikE41IgE0xDHxVDJWjjmcd0mUtVhnTwEAYoIAHVPOa 6cOIJh/YSTRiDGVZeyMzEyLHXtFSIS401xOJqK8h3ote7sTbAjiJSIIUU3eV42D4shb/Riz+I0zO 7Fw091krG3ZEk5z0pAjBmTU88g555ERZNmVFRvFBgJsjyxopR0m5zUlRdEkkVj0Hcs8FtAiZjdzU kxzgPHfl75lcBCZB1+URhBZkb2sbF/wSUwBYwhJ+/aMhKskJLuvty4B/OwABfkevDhyEjwpAgFSn ioDttWA3KUwp1BA2TIMYTV4yQKkBQvWkFpDgaC8VqPcEggAQJEAq2TEoR8g4Tym9rH4yoJ+vlKU6 Uwp1nAjB4aaUVKu++U1nHDOevYg4PoYwwHkX2IAENrCBLWavq1fTzkn1WUXtDMplm+IAJWWQsXUS ZAP0kutGIJW5e+1UR7/0yjll5cZT/wL2T5qqgOxyZ9LDIpC2TiQaH7l5kHtmDQPIRe7RuPoP0y70 H3UUq0r957zsdG6CXgwg4zxSgJ0OQALWcYCBcioDaAFze3r1qwwemspV6bW5Rjzg8why1q4sNnpl XAhoSSZJgTyOaC3AYi8X2cGsAYtriOmc0eqa2cQEwCMPuGttEgCCipL3pasjwAQeUIBSilM8cYzX iFqwQq8MzYfLeyfjiMXH+J42OxToQAcGMOMZe8VeIx1ddgybTypqdQFWLTFMoURBYv2tAx3VCAOM hzIdzcpWalMveyO6quuUkpPyBWJ9U1ZL7SCAsmAGM9mwFUnb+bEFf1zhBx83AcpOAP8BEbDuA6Vb xIIQcMiiMxYIFMCADTxAdQRwsUXQbGFz6Wh0DA3qeocaWBFvzW0721GKVewrYGU0a5h+FQ9boDNG Xs6B/k0wphGTZLGS1SAZ7dxuTaVcZmKyIiY8lpA/2ALR9ooCMaQc70DQXpYR5LEwM7LOdFsQ47mz vCgbFobvq91/zHC84jsxQbDIyJ4ZkcSbOtgGhGyqAwhayZhyFXJxRQJc45rHolNAAJArqQF4QAJO M7e9LmBuCnggjvX+bkHKne8HOkADuE6y7DqA62AKhN/1TjgFLvkBXDtXSgnAtdU4oPCCQyCbB8A1 0kiK6+zqqePK8pwBNJBcDOz52xz/ccD/EEBccv5vAygn0aux9CLqbaDPNc+5znfO8577/OdAj8hN YkAYy6gm6EhPupRwApumC0AELoi50qcu8wyEwOlNV4qGqA4SB7z5y2JEM0PQjKYWSGCqExjgBsL+ ZjViMkYTvQh+nC6CEsAmOCy40EHMPtWW2xm812qzAc0+AanfZgJvfevBCvKBAqAcbEKaXeJBADZi HzEAbw2AwAvCgAgcoGMpwDqF7E4X9mRAZgfAfAKOnZAIcGBQDgABB5AKAg0we0AT0IABEBCACzBA qgRowQQqEOi2BYBOwzekYVrHgNkFIPii+70GfL+BBNSIBE+SQOuA5YBESaAAEfD6/wSmBF7tk4Bs BHASAiZAggeAcfiBNrsBDMCoDczf7zJ4DdYt4IK/0CX/FlA2DuB5DNB8cLd7ooMAxPckntc6YWR9 svMAFXAwEpASEBBeEjh+ZgckT8IABPAB3OEoFRAmU7KAMycRufcA5MIB6lYzCJAAEZAAcyIVE5gA B5AA2FcAbhUBCgACAeBt/pMAzPNWPugkIBCDFzgdiTIBBXCBPcUAAQAB1ReDB7ABsgdvFHZ81XeD 9GeDNsgA4AcCjrd3K4B1+2cdP3ECBtECERABkuV1VPFWMfKDrkRaAeCDwWd92OKFE9MCBAACECA/ LVABCVAACUBZFCaDsyOG8kMANf+jAetngysRchkxAXcoFW+meQxAiBtQASCwiQHgACihAJ6HAJCo AAmwZLhCEBIgg6JjfVBIAuqmJIc4HVIRALbHhh4QFRdgiu1HAPDGAa24e89nAAmgAAcQAQSge9VU gR+gANgnMxZghk0XHNcSHz6UeimhABJge6ZIWbJYAONxAFWRjLF3UdanbnjEhhzAe7YjhN+HACQQ AJt4AK1YAQ8QALSoAB+AABH2AAagAFhWiTVDAHSCilcCAY7niQ5AiA7wARoQAR5AAt9oGFkSANNz j6/4AQygAe13hwdwUUoojAdQAAzwM1FxgRWAeUYojCBgAK34gRR2ABUAigngfvP/uHqIMwKhh3VJ 0QBHJxAl8ALZWABqxAC5l4kwxwE7SFq7eAAHwAAg4HtvJZH2EhVNqAEqKIRo5gAX4Cxo1o0w+G6S 84PNxwF3WFUfkXt49AAJkJCf+AGfuJINmQAO8AAPYIoSIAHhhxIZ6YqKU5MemY9nZwCwF4V1KQFQ eY5+pgAe8JZXCAI1SAAGUBXQSCQT4AG4ogAKcAGruIbT2HQikAEjsIbYuCOeB0ZTogEToG4bMI9n Mx4R4HgeEH6ASC4V8JAtwnuFGIXVd37tOI8OQAAQUIHnZwD/UyQBUAESYE3iuHkYkXvHlo9Xom4c oIcV4JHq5pm5CYNuNZwSVCcV/6hbAeZ7SLYBiWKDh3mHEuR8qQcBlggBswlv7yaDlmiQ6TmBGiCf BVCBsfSJZFiNatgSBcGTQZlHATCbBpB7COCajriSB3BVP8g63fd6HiB7GHktI2c7aLkBj4mWEmCJ 17mLs3mDDOCZHxAAeLmc1hd3FsEAJBArr2kVo/Mj2beAD9AnYYQAFxBZaFYBwuM5Bik6FCmK46ck NSkrS2UA7ncdQGpNjrIk4JV+w8lywDg6EPABYISka4cAENCLCXECTccC1oECZbE1QlE2jjJ/uwej fYZ9DQkkhlRNH5CbfhgmmwgmZWck1iEB2Jen3YKlWuqkvYhmM0ICYUQCP0I2XGH3Ii0QmiUgEGVI lALRGafXqJhaIiZwdSmAhqQpEO+xAieYqaSaFXNHIQMhEymgd6Xaqt9hAiXQHCvQAC/hGaPqqrhK EiOAAkhREy4woLkarMI6rMRarMZ6rMiarMr6EAEBADs= ------=_NextPart_01CADC78.B65EC1D0 Content-Location: file:///C:/EA89CAB4/MalwareReport_files/filelist.xml Content-Transfer-Encoding: quoted-printable Content-Type: text/xml; charset="utf-8" ------=_NextPart_01CADC78.B65EC1D0--