From Computing UK:
A study released today by Google has warned of “very high levels” of malware being hosted on websites.
In a year-long scan of over 4.5 million sites the Google team found code on 450,000 pages that could inject malware onto users’ PCs via improperly patched browsers.
A further 700,000 sites hosted similar code that, while not necessarily malicious, could harm the security of the PC viewing the page.
“In most cases, a successful exploit results in the automatic installation of a malware binary, also called drive-by download,” said the five-member team which wrote the Ghost in the Browser paper.
“The installed malware often enables an adversary to gain control over the compromised system and can be used to steal sensitive information such as banking passwords, to send out spam or to install more malicious executables over time.”
Web propagation of malware differs from the traditional method of sending via email attachment in that no user interaction is required, merely a visit to the website.
Read on.
[tags]Google Warning, Malware Via Web, Malware, Drive By Download, Google[/tags]