In the fourth quarter, there were three million malvertising impressions per day, compared with 1.5 million impressions in the previous quarter, the report found.
One reason that malvertising impressions jumped so much is that the company began monitoring “remnant” ad networks in the fourth quarter, explained Neil Daswani, chief technology officer at Dasient. “These ad networks work to fill advertising space that doesn’t otherwise get allocated and would typically be filled with house ads. We found that, due in part to tracking the remnant ad networks, there was a large malvertising increase”, Daswani told Infosecurity.
At the same time, the average lifetime of a malvertising campaign dropped to an average of 9.8 days in the fourth quarter, compared to 11.1 days in the third quarter. “That was due in part to the fact that we are monitoring our customer ad networks. When there is a malicious ad that gets put on their networks, we find it and help them lock it down very quickly”, Daswani explained.
In addition, more than one million websites were infected with malware in the fourth quarter, twice as many as detected in the same quarter in 2009. During all of 2010, the report estimates that over four million domains were infected.
The report added that the probability an average Internet user would hit an infected webpage after three months of browsing was a staggering 95%.
The top attacker domain was ipq.co, a free DNS forwarding service. Cybercriminals use DNS forwarding services to hide their identities and reduce the costs of carrying out their attacks, the report said.
“We are seeing attackers using a lot more of these free services in order to propagate their attacks as a way to reduce their costs and get wider distribution for their attacks”, commented Ameet Ranadive, vice president of products at Dasient.
Dasient conducted experiments on various social networking sites and found that malware infections can occur “relatively easily” via user-generated-content interactions, as well as advertisements on those sites.
Daswani said that the company tested a dozen networking sites and found that only 19% of them check links for malware and few sites have any countermeasures for malicious advertising. “Checking links against some of the lists of malicious sites is an easy thing to do”, he added.