Malware More Likely to Come From Legitimate Sites

Malware More Likely to Come From Legitimate Sites

Google has released new data that shows simply avoiding ‘bad’ websites is no longer enough to avoid malware infections.–PC Pitstop

By Stu Sjouwerman, for Security Awareness Training

Avoiding Bad Sites Is No Longer Enough

If in the past your way to stay safe on the Web was to not visit dodgy sites like gambling, porn, piracy or other “unsafe district” locations, that strategy no longer works. Google released brand new data today that shows you are much more likely to be infected by malware visiting normal websites that have been compromised by the bad guys and made into drive-by attack territory.

Google’s Safe Browsing program flags and warns users about well over 10K malicious and/or suspicious website every day. The scary part of the report is the amount of legitimate compromised sites hosting malware compared to sites specifically developed by the bad guys for malicious purposes. Here are the numbers; first week of Jun/2013, 37,000 legitimate sites were compromised to host malware. At the same time, they found only 4,000 sites that were developed for the unique purpose of infecting people. The upshot?

Nine out of ten times your malware infection comes from a legit site that has been compromised!

Here is the graph-Article continued here

This excerpt appears with permission from

304 total views, 2 views today

(Visited 1 times, 1 visits today)

9 thoughts on “Malware More Likely to Come From Legitimate Sites

  1. I run both Spybot (free) and Malwarebytes (upgraded version)”that are kept up to date always”, and run them weekly. They both clean up my machine well. That is in addition to Norton Internet Security which wants me to uninstall Malwarebytes all the time saying it is in conflict (which it is not). Software wars??? hehehehe

  2. The way they actually get the payload onto your system is through compromised adverts in many cases.
    block ALL advertising, if you use firefox (version 22 just released) use add ons called No script (this will allow you to determine what a website can run on your machine) Ad block plus, (this stops adverts from being fed into your machine) and Hellboy firewall as a backup ad blocker.

    Do not rely on an anti virus to have the virus detection signature it requires to stop a virus that has just been manufactured and placed onto an ad server for “drive by” downloads.
    Block the adverts and when the ad companies realise they have to do more to protect us from their lackadaisical and uncaring attitude towards the inconvenience and harm compromised adverts have on us, and they do more to fix the issue, then re-consider allowing them back onto your machine.

    Also consider comodo internet security the one year license is not expensive (19.99), the free version is also excellent, this firewall also protects your system from malware infections through its H.I.P.S safety process, go read about it, also offer a $500.00 guarantee against infection.
    it is not a gimmicky program, it is exceptionally good at what it does

  3. Isn’t that a sort of euphemistic conclusion made by Google? I accordance with my use of the web I rather conclude that all this comes from the increasing need of business to widen its action and make the Internet a means for quick – and not necessarily safe for the user… – trade. Each page we nowadays open is an unequivocal proof of that. The good story people tell us is: Internet was conceived to fulfill a ‘higher ideal’, namely, the pure trade of knowledge. I it is indeed history, then there’s been a kind of betrayal of those ideals.

    I have no difficulty in sketching how this comes to take shape: from one side we have the ‘hackers’, also known as ‘bad guys’, who in fact are developers ‘off stream’ (a term that may mean just unemployed or underemployed) and whose abilities are far from being below the ones the ‘good guys’ have – I bet in the opposite of this idea; and from the other side, the business people, always eager to do no matter what for their profits (no news on this matter too). It is widely known that, due to their capabilities or even to their independence, the ‘bad guys’ develop a lot of tools that fit exactly the needs of the people in the other side (or even in whatever side we can figure out – those guys are really good): the result of this is obvious. And to worsen the scene (or to make it more funny), it’s also natural that the ‘good guys’ working for the business people keep in touch with the ‘bad guys’, as they are indeed one and only people, as far as I know, and that some of the business guys have a true and sincere interest in keeping each one his collection of ‘bad or good guys’ working in innovations that can still be taken as legal ways to address us, the costumers.

    I’m so sorry for my frankness, but in short this is but the same old moral mess we live with since we started to write history, worsened by the surreal belief that money is a true substitute for things we need or like…

  4. It's a well known fact that 6 out of every 10 infected sites are legitimate sites. Not sites written to infect you but sites that have become infected and, if you're not properly protected will pass that infection on to you.
    That's another good reason why you should be using avast! It checks all of your internet activity and prevents you from going to infected sites.
    Yes, it's true that no AV program is 100% effective and therefore any one of us can at any time run into brand new Malware for which there isn't yet any protection. Creating regular image backups is something everyone should be doing.
    Doing that will turn an infection or hardware failure into an annoyance not a major catastrophe.
    If you're interested in learning more, attend one of my free presentations.

  5. No amount of internet security is over kill. I do the same as you using Morton Internet Security. I also use Norton Ghost to have a recent backup image of my whole C drive, just in case. You can’t be too safe these days. Also I use Linux on my old laptop for banking. Keep doing what you are doing fredd.

    • @Mike Regan: Overkill can happen in a way. Technically you could block loads of stuff but there’s always a chance of blocking legit stuff.

      The best way really is to use a security suite with also common sense. Don’t just click unknown links, don’t use the same password on multiple sites etc.

  6. I religiously use an up-to-date Norton 360 and Spybot. Whenever I close my internet (IE10) I run CCleaner, then Norton quick, Once or twice a week I run Spybot, Once a week I run Norton full scan.

    Is this overkill or a good idea.
    Thank you

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.