Dasient Security Q3 Study - Malware is everywhere

In monitoring developments during the third quarter, Dasient Security noted an increase in malicious web pages as well as web 2.0 security concerns (e.g., Twitter and Facebook).

Dasient Security Report - Malware is everywhere
http://www.pcmag.com/article2/0,2817,2373157,00.asp
http://blog.dasient.com/2010/11/normal.html

QUOTE: In Q3 Dasient continued to monitor millions of sites on the Internet for web-based malware infections and malvertisements. Based on the data gathered, we estimate that in Q3 over 1.2 million web sites across the Internet were infected, which is double our estimate from exactly one year ago (see Figure 1 below). The web malware problem continues to grow dramatically as an increasing number of legitimate sites are getting infected.

Looking at the major modes of communication used on the Internet, email was one of the first such major mode of communication, and we saw attackers take advantage of it by distributing viruses as email attachments. Over time, we saw that email became web-based with services such as Hotmail, Yahoo! Mail, and Gmail, and such services had to incorporate anti-virus software on their servers to scan email attachments for malware.

As web page views continued to increase and web pages themselves became more and more interactive via Web 2.0 trends, cybercriminals took advantage of the advent of drive-by-download techniques to infect users without requiring the opening of attachments, thereby allowing them to exploit web pages as an increasingly pervasive malware distribution platform

As we approach 2011, we predict that as the usage specifically of social media web sites continues to grow, drive-by-downloads and rogue anti-virus will be used more aggressively on platforms such as Facebook and Twitter, as evidenced by threats such as the Koobface botnet that continually targets Facebook