Share

Related Stories

Top 5 Stories

News

One-quarter of websites examined by testing service were malicious

08 August 2012

One-quarter of the 30,156 websites tested in the second quarter by Zscaler’s Zulu service, which tests the security of websites, were malicious, according to Zscaler’s second quarter 2012 State of the Web report.

Mike Geide, senior security researcher for Zscaler ThreatLabZ, cautioned that users of Zulu send suspicious websites to be tested, so the results are likely to be skewed from the general website population. “Keep in mind that the service is meant to be receiving suspicious websites and reporting results on those sites”, he told Infosecurity.

The State of the Web report found that users are slow to update browser plug-ins and attackers know it, as witnessed by the Flashback Trojan, which infected over 650,000 Macs leveraging a Java vulnerability. However, the situation is improving. In the second quarter, 35% of installed Adobe Shockwave plug-ins were outdated, down from 52% in the fourth quarter of 2011.

Adobe Acrobat was the worst in terms of updating, with close to 62% of plug-ins being outdated in the second quarter, followed by Adobe Shockwave with 38%, Microsoft Outlook with 5.7%, and Adobe Flash with 4.3%.

“Outdated plug-ins are vulnerable to exploitation, and the bad guys know that”, Geide observed.

Zscaler also identified a number of prominent websites – online ticket seller cleartrip, Computerworld Mexico, and the French Minister of Budget – that were compromised, redirecting visitors to malicious content.

“We noticed that we had some signatures triggering on those pages. We were blocking transactions to those sites. When we dug in to find out what was going on, we found that they had been compromised and were redirecting traffic to an attacker’s website that contained an exploit kit”, Geide noted.

In addition, the report found that social networking sites accounted for 4% of the websites blocked by enterprises at the end of the first quarter, up from only 2.5% at the beginning of the quarter.
 

This article is featured in:
Application Security  •  Compliance and Policy  •  Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×