Websense in its bi-annual research report has revealed that 13.7 percent of searches for trending news/buzz words (as defined by Yahoo! Buzz and Google Trends) led to malware. Search engine optimization was poisoning attacks target the top searches enabling hackers to drive traffic to their sites.
In contrast to the first half of the year where mass injection attacks like Gumblar, Beladen and Nine Ball promoted a sharp rise in the number of malicious Web sites, Websense Security Labs has seen a 3.3 percent decline in the growth of the number of Web sites compromised. Malware authors have replaced their traditional scattergun approach with focused efforts on Web 2.0 properties with higher traffic and multiple pages.
Overall, comparing the second half of 2009 with the same period in 2008, there has been an average growth of 225 percent in malicious Web sites.
Malware authors continue to exploit user trust with 71 percent of Web sites with malicious code being legitimate sites that have been compromised. Web 2.0 sites allowing user-generated content are a top target for cybercriminals and spammers. Websense Security Labs identified that 95 percent of user-generated comments to blogs, chat rooms and message boards are spam or malicious.
Websense Security Labs also found that 35 percent of malicious Web attacks included data-stealing code, demonstrating that attackers are after essential information and data.
Tens of thousands of Hotmail, Gmail and Yahoo! email accounts were hacked and passwords stolen and posted online which resulted in a marked increase in the number of spam emails. They also identified that 85.8 percent of all emails were spam.
Lastly during the second half of the year, 81 percent of emails contained a malicious link.