Google finds malware on 1 in 10 Web sites
In a paper (PDF) presented at last month's HotBots 2007 conference, researchers from Google say they've found malware downloads lurking on 1 out of every 10 Web sites visited. For this study Google analyzed 4.5 million URLs. The researchers determined that 450,000 of these contained some form of malicious code. The researchers identified four methods used to infect the unsuspecting Internet surfer. One is site-based, such as compromises in Web server security, but the others involve common user activity such as downloading user-contributed content, clicking Web advertising, and installing third-party widgets.
Attacking Web servers can be done with just an Internet browser. By appending carefully formed JavaScript onto vulnerable Web URLs, criminal hackers can inject malicious code onto the desktops of all future visitors to that site. Recent flaws in QuickTime and other media files allow attackers to use user-contributed content, such as video or music downloads, to spread bad code. Recently, Exploit Prevention Labs sounded the alarm about attackers using Google AdSense advertising to spread malware. Finally, widgets are yet another vector.
The research authors do not proscribe a solution, rather they conclude that the code used to infect innocent computers changes rapidly, making a survey such as theirs hard to complete. Recently, CNET reviewed several browser companions that analyze and rate Web site search results, protecting you before you click.
As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments. 
