Researchers discover the ‘biggest web malware threat’

A new web-based threat is claimed to blow all web-based malware out of the water', after it was found to be six times more prevalent than its nearest rival.

SophosLabs researchers said that malware it calls Troj/JSRedir-R' accounted for 42 per cent of all malicious infections found on websites between the 6 and 13 May.

This was far more than its nearest rival Mal/Iframe-F', which only made up seven per cent of infections.

Sophos said that JSRedir-R was usually found on legitimate websites behind difficult to understand JavaScript.

The malware would attempt to download malicious content from third-party sites without the knowledge of the user.

Sophos security analyst Graham Cluley said on his blog that for this malware to overtake Mal/Iframe-F in the web malware charts was "quite an event".

He warned website owners to make sure sites were properly protected to prevent hackers from injecting malicious code into pages.

He said: "No-one should be in any doubt that the web is the primary vector by which hackers are trying to infect computers today."

Sophos virus and spam researcher Paul Baccas also issued advice if a website was found to be infected.

Last month IT PRO reported on how criminals are targeting the web browser as the 'weak link' in the security chain.