- CBS INTERACTIVE UK BUSINESS SITES:
- atlarge.com
- BNET UK
- silicon.com
- SmartPlanet.com
- ZDNet.co.uk
To print: Click here or Select File and then Print from your browser's menu
This story was printed from silicon.com, located at http://www.silicon.com/
Story URL: http://software.silicon.com/security/0,39024655,39263296,00.htm
Malware-infected site detected every five seconds
SQL injection attacks on the rise
By Nick Heath
Published: Wednesday 23 July 2008
A website infected with malware is detected every five seconds - a dramatic increase over the last 12 months due to the rise in SQL injection attacks.
Websites poisoned with malware capable of infecting visitors' machines are being discovered at a rate of 16,173 per day - three times faster than in 2007.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
Antivirus firm Sophos found that more than 90 per cent of the web pages capable of spreading Trojan horses and spyware are legitimate websites. Recent infected websites include those of ITV, Sony PlayStation and a golf page on the BBC site - all these websites have now fixed their security hole.
Hackers place malware into the database running a website using SQL injection attacks, which can allow Trojans and keyloggers to be automatically installed on visitors machines.
According to the Sophos security threat report Blogspot.com, the blog publishing system owned by Google, was found to be hosting two per cent of the world's web-based malware in June 2008 - with hackers hosting malicious code on blog pages and posting links to malware infected websites in comments.
Senior technology consultant at Sophos, Graham Cluley, said: "Many businesses are increasingly putting themselves at risk by not scanning web activity and employees are going to these websites and getting infected."
He said the biggest threat comes from home workers because the wider range of websites visited in the home increased the risk of getting infected.
The security threat from email attachments has fallen dramatically during the same period, dropping from one infected attachment in every 332 emails in the first six months of 2007 to one in every 2,500 during the first six months of 2008.
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
