10% of Websites Sport Malware

By Greg McNevin

May 16, 2007: According to a new report from Google, one in every ten websites are infected with some sort of malware that can pinch personal details.

After putting 4.5 million+ websites under the microscope over the last year, the search giant found that over 450,000 sites tricked the visiting computer to automatically download files such as spyware and key loggers used to steal user information.

Titled “The Ghost in the Browser”, the report paints a grim picture of online safety, particularly considering a further 700,000 pages were found to house risky “bot” code, opening up the possibility of visiting machines being hijacked and used in widespread denial of service attacks and more.

“We expect that the majority of malware is now spreading via web-based infection, because the computer of an average user provides a rich environment for adversaries to mine,” writes study leader Niels Provos.

“Banking transactions and credit card numbers, for instance, are much more likely to be found on a user’s machine than on a compromised server.”

Google claims it is now attempting to warn users of suspect sites by labelling them as such in returned search results.

Comment on this story