Over a million websites were compromised by malware in the second quarter of this year, according to a report from security firm Dasient.
The report was compiled from the company's telemetry systems which, it claims, monitor millions of websites daily. The figures are then extrapolated to render infection rates across the internet.
Malware attacks appear to be rising at a rate averaging around 24 per cent according to the numerous research figures on the internet. Dasient's own figures show 56,000 websites poisoned at the end of last year followed by 720,000 in the next quarter. With the new figure of 1.3 million the trend seems to be a rapidly rising curve.
Malvertising is an area of concern, according to the research team.
Malicious online advertising, or malvertising, is an area of concern, according to the company. They look like harmless adverts but deliver malicious code when they are clicked on or lead the victim onto a more treacherous website.
It was estimated that 1.6 million malvertisements are served every day. Usually, the website owners soon eliminate them but the attackers have discovered a way to gain time. By posting the ads at the end of the week they usually have a few days before a webmaster comes anywhere near the site and then the malvert has to be discovered.
The researchers reckon that the average malvertising campaign can last for 11.5 days before being eradicated.
Another attack highlighted is the use of third-party widgets on sites. It appears that 75 per cent of websites import JavaScript widgets for building the site. If just one of these becomes infected it will potentially affect hundreds of thousands, dependent on the widget's popularity.
A further 42 per cent of sites use advertising-related resources to manage their own in-house ads or to show third-party ads on auxiliary sites. Even financial websites have been known to fall for this but the main villains are publisher sites.
The Dasient team offers the following advice: "The malware epidemic is not slowing down - on the contrary, it's exploding. Now is the time for businesses to educate themselves on how they can put safe security practices in place for their websites to protect their customers, their brand and their revenue. The first step is to make sure they are not exposed by monitoring their websites for malware regularly."
