Peter Dinham
Thursday, 01 October 2009 07:24
Business IT -
Security
Page 3 of 3
“Furthermore, an analysis of older domains, those that
have been registered for more than three months and compromised to
serve malware, indicates that the majority, 90 percent, of these
websites are taken down after 138 days, much longer than their younger
counterparts.
MessageLabs Intelligence found that overall, 80 percent of domains
being blocked as malicious for serving up malware are in fact
compromised, legitimate websites.”
Wood warns that it is of “greater benefit to an
attacker to compromise a legitimate website as opposed to setting up a
newer, specialized domain to serve up malware,” and, he adds,
“fundamentally, using legitimate websites to spread malware reduces the
labor for the cybercriminals and extends the lifetime of the malware.
Moreover, by taking advantage of the Add Grace Period, a policy that
allows scammers to register a domain at no cost and cancel after five
days, ‘domain tasting’ and ‘domain kiting’ have become common practice
for cybercriminals, allowing them to beat the system without ever
paying for malware distribution.”
On spam, Symantec says that in September this year, the global ratio of
spam in email traffic from new and previously unknown bad sources was
86.4 percent (1 in 1.2 emails), reflecting a 2.1 percent decrease since
August. Spam levels for Q3 2009 averaged 88.1 percent, compared with
81.0 percent for Q3 2008.
And, with viruses, Symantec says the global ratio of email-borne
viruses in email traffic from new and previously unknown bad sources
was one in 399.2 emails (0.25 percent) in September, a decrease of 0.09
percent since August. Also in September, 39.8 percent of email-borne
malware contained links to malicious websites, an increase of 22
percent since August, while in Q3, email-borne malware activity
averaged 1 in 330.3 emails compared with 1 in 122.5 for Q3 last year.
Symantec also found that an analysis of web security activity showed
that 12.3 percent of all web-based malware intercepted was new in
September, an increase of 0.4 percent since August, and it identified
an average of 2,337 new websites per day harboring malware and other
potentially unwanted programs such as spyware and adware, a decrease of
33.4 percent since August.