ScanSafe Reports Malware Up 278 Percent in First Half of 2008
Leading Provider of SaaS Web Security Reports That SQL Injection Attacks Fuel Compromises; Password Stealers and Backdoor Trojans Most Commonly Blocked Malware
LONDON and SAN MATEO, Calif. —July 16, 2008 —ScanSafe, the pioneer and leading provider of SaaS (Software-as-a-Service) Web Security found that en masse compromises of legitimate websites exploded in June, accounting for 66 percent of all malware it blocked and contributing to a 278 percent increase in Web-based malware for the first half of the year.
“The mass compromise of websites poses particular challenge to corporate users,” said Mary Landesman, senior security researcher, ScanSafe. “The impacted websites are typically known, legitimate, and trusted sites with a business purpose. These are sites that users visit frequently and the attacks are so stealthy and unobtrusive, that most visitors don’t know that they’ve been infected.”
According to the latest ScanSafe Global Threat Report:
1. Malware Increases 278 Percent: Web-based malware increased 278 percent as more and more legitimate sites including Wal-Mart, Business Week, Ralph Lauren Home and Race for Life were compromised. This widespread compromise of legitimate websites was largely the result of automated attack tools which became freely availably in the last months of 2007.
2. SQL Injection Attacks Outpace Other Attacks by 212 Percent: SQL injection attacks, an exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data, have rapidly become the most common form of website compromise, outpacing all other types of compromise by 212 percent. In June, SQL injection attacks accounted for 76 percent of all compromised sites.
3. Password Stealers and Backdoor Trojans Most Commonly Blocked Malware—Putting Corporate Data at Risk: Most of the compromises attempt to install password stealers and backdoor Trojans. This category of malware increased from 4 percent of malware in January to 27 percent in June.
The ScanSafe Global Threat Report is a study of the more than 60 billion Web requests it scanned and 600 million Web threats it blocked from January through June 2008 on behalf of corporate customers in more than 60 countries across five continents. It represents the world’s largest security analysis of real-world corporate Web traffic. A full copy of the report is available at http://www.scansafe.com/resources/global_threat_reports2/.
