Following publication of its latest Security Threat Report, Sophos has noted that most worrying for computer users is the fact that the majority of infected Web pages are being found on legitimate Web sites that have been hacked, says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"Sophos noted that, from January to the end of March 2008, an average of more than 15 000 newly infected Web pages are being identified each day," he says.
In contrast, just one in every 2 500 e-mails is now infected, compared to one in every 909 in 2007, he notes.
"The top two Web threats, Mal/Iframe and Mal/ObfJS, which are together responsible for more than half of all the online malware found by SophosLabs, are programmed by cyber-criminals to infect Web sites by taking advantage of vulnerabilities," explains Myroff.
"Sophos experts warn that companies can protect their networks by investing in Web security that scans a Web page for malware before granting access, while companies need to ensure their Web servers are protected against hack attacks," he adds.
Trojans and worms
"This week saw a number of Trojans emerge," he says. "Among these, is the Troj/Bancos-BEA which is affecting the Windows platform. It installs itself in the registry."
According to Myroff, the Troj/Keylog-KE, another Trojan for Windows, has also been noted and also installs in the registry.
The Troj/Qhost-N Trojan has also been detected, he notes.
"Worms making the rounds this week include W32/Autorun-DP. It is affecting Windows users and installs itself in the registry. It is currently spreading via removable storage devices."
The W32/Imaut-B worm has also been noted and is, again, affecting Windows, he says.
"While these threats remain the order of the day, about 1% of Web requests are now delivering an infected page, most of which are legitimate Web sites. We are being reminded that it's not just the small, independent sites that are being hacked. With compromised Web sites of household names now serving up malware, it's more important than ever for users to ensure they're using a fully protected machine, and for businesses to protect their Web servers from the risk of attack," Myroff says.
Share
Editorial contacts