According to data released by ScanSafe, ongoing SQL injection attacks outpaced all other forms of website compromises by 212 percent since the beginning of 2008. According to the company's data, 76 percent of all compromised sites fell victim due to inadequate protection against SQL injection. As a result, web-based malware attack attempts have risen by 30 percent overall since the beginning of 2008--that rise began to increase significantly in April.
The company said that as of January 2008 about 46 percent of all malware attack attempts were attributable to compromised websites, many of which are high traffic sites operated by large well-known companies. By June 2008 that percentage had risen to about 66 percent.
"The impacted websites are typically known, legitimate, and trusted sites with a business purpose. These are sites that users visit frequently and the attacks are so stealthy and unobtrusive that most visitors don't know that they've been infected," said Mary Landesman, senior security researcher at ScanSafe.
The vast majority of all malware blocked by ScanSafe over the past 6 months were backdoors and password stealing (PWS) Trojans, followed by download droppers that are used to install all sorts of other malware into an affected user's system. The spread of backdoors and PWS Trojans has increased dramatically since May. The most common method used to propagate such attacks was through malicious IFRAMES embedded into the web pages of compromised sites.
ScanSafe said their findings are based on the results of analysis of "more than 60 billion Web requests" that the company scanned on behalf of its corporate customers around the world. In the process of that scanning the company claims to have blocked "600 million Web threats." The company also said that it's data "represents the world's largest security analysis of real-world corporate Web traffic."
