The days when e-mail was the most popular disseminator of viruses and other malicious software (malware) are long gone. Cybercriminals are using websites to distribute toxic programs: deceiving visitors, stealing personal information and crashing computers.
"Last year, most new infections occurred while people were surfing the Web," says Rowan Trollope, senior vice-president of security and storage software provider Symantec's consumer business unit.
People who explore a wide spectrum of sites - blogs and personal homepages among them - are increasing the risk of seeing their computers fall foul of malware.
"The number of malware-infected sites polluting the Web has grown at a startling pace," says Nigel Mendonca, Asia director at MessageLabs, the messaging and Web protection services arm of Symantec. Mendonca estimates that 100 million visits are made every month to Web addresses that are infected with malware.
Rival internet security company Macafee last month announced that searching online for Hollywood actress Jessica Biel was more likely (as much as a 20 per cent chance) to take you to a site containing malware than looking up any other celebrity. Meanwhile, United States-based Symantec listed what it describes as this summer's top 100 "dirtiest websites". The infected sites - 48 of which feature adult content - were identified by the company's Norton Safe Web service, which analyses and rates sites to help consumers stay safe online. The list is ranked according to the number of threats detected on each website.
The average number of threats - viruses and other security risks - per site on the list is roughly 18,000. Forty per cent of the sites on the list contain more than 20,000 threats. This compares with an average of 23 threats per site for all the sites rated by Norton Safe Web. Seventy-five per cent of the "dirtiest" 100 sites have been operating for six months or more.
Viruses are by far the most common threat on the list; simply by clicking onto one of these sites puts a computer at risk of infection and, worse, jeopardises the personal and financial information of its user.
"The underlying aim of the `bad guys' in concealing malware within a website is, quite simply, to take control of visitors' computers," says Mendonca. "Once that has been successfully achieved, the scope for exploiting the infected computer and its owner is almost limitless."
The dirty 100 are wide-ranging in subject matter and include sites dedicated to catering (gardens-restaurantandcatering.com; No 33), figure skating (figureskating.spb.ru; No 57) and legal services (truck-accidentlegalcenter.com; No 94).
"Protection is no longer simply a question of avoiding 'dodgy' or unknown websites," says Mendonca.
Threats found on mainland-based site qsng.cn (No71) include so-called drive-by downloads. These are computer codes that take advantage of a software bug or weakness in a Web browser to bring a computer under the control of an attacker.
"Examining the Web domains that host or redirect visitors to malicious content can provide an excellent insight into how the bad guys operate online," says Mendonca.
One of the first things security analysts look at is the age of malicious domains; that is, the length of time between when a domain was registered and when it was first detected as having malicious content. This gives them an idea about how quickly domains are being targeted.
MessageLabs monitors more than 240 internet domains - such as the prominent ".com" and ".org" and country-code top-level domains such as the mainland's ".cn" and ".ru", for Russia - and each day blocks about 2,000 sites that host malware or redirect visitors to those that do. The mainland hosts 10 per cent of the "young" domains online and MessageLabs has found those are responsible for about 44 per cent of the blocks it makes.
"Almost half of those domains are being blocked for the first time. This means more and more legitimate sites are being compromised and new malicious sites are being established," says Mendonca. "Clearly, the bad guys' mantra is 'present a moving target'.
"The location where cybercriminals are setting up a malicious website doesn't necessarily have to match the country where the domain is hosted."
The danger list
In reverse order, Symantec's top 10 worst websites of deep, dark cyberspace follow. The company strongly suggests avoiding these sites, or risk making your computer vulnerable to infection or cyberattack – and be warned; the list includes explicitly named sites that contain even more objectionable content:
10 firstsexyteen.com
9 movteenhard.com
8 freeactporn.com
7 cityactpornamateur.com
6 firstlessonsex.com
5 firstassparad.com
4 voenpens.ru
3 bestsexyteenshow.com
2 youngbestanal.com
1 aladel.net (70,600 viruses)
