Blackhole dominates web malware attacks

According to a recent security article from Sophos, “drive-by” download attempts now comprise more than half of malware assaults on Web users. And the most seen drive-by exploit accounts for 31 percent of the internet attacks discovered by the company’s security package in the last half of 2011—a bundle called Blackhole.

Blackhole constitutes an exploit kit accustomed to inject malware, adware and spyware into PCs that visit an exploit internet site, or are redirected to such a site from a different, compromised website. The kit’s developers endlessly update Blackhole’s exploit capabilities, which revolve around Java vulnerabilities, but Sophos alleges that a lot of computers continue to have older exposures because of haphazard Java patch installment. Hackers commonly apply the exploit kit to drop malware specified botnets assembled with the Zeus toolkit, rootkits, or false antivirus bundles that pressure users to pay for deceitful malware protection.

Amongst the additional security statistics in Sophos’s article:

• The US tops the world in sources of spam e-mails, accounting for 11.43 percent of 2011’s detected traffic. India was the closest runner-up, at 8 percent.
• The riskiest place to run a computer network in the world is Chile, measured by the percentage of computers experiencing a malware attack over a three month period, scoring a threat exposure rate (TER) of 61, nearly ten times the rate of attacks on systems in the US. China came in second with a TER of 45. The country with the safest network: Luxembourg.
• Conficker, the Windows worm also known as Downup and Kido, is still the most commonly detected malware in the world over three years after its first detection. The worm, which spreads over network connections, thumb drives, and other removable media, accounted for nearly 15 percent of all infection attempts caught by Sophos in the last six months.