Read a scary report from Google's security team today titled "All your iFrame Are Point to Us" regarding the evolving trends in search-delivered drive-by malware downloads. Check out the full post here, but the synopsis follows:
It has been over a year and a half since we started to identify web pages that infect vulnerable hosts via drive-by downloads,
i.e. web pages that attempt to exploit their visitors by installing and
running malware automatically. During that time we have investigated
billions of URLs and found more than three million unique URLs on over
180,000 web sites automatically installing malware. During the course
of our research, we have investigated not only the prevalence of
drive-by downloads but also how users are being exposed to malware and
how it is being distributed. Our research paper is currently under peer
review, but we are making a technical report [PDF] available now. Although our technical report contains a lot more detail, we present some high-level findings here:
The
above graph shows the percentage of daily queries that contain at least
one search result labeled as harmful. In the past few months, more than
1% of all search results contained at least one result that we believe
to point to malicious content and the trend seems to be increasing.
Ugh. The technical report offers some really good background data on infrastructure and methodology, geographic distribution, properties and delivery mechanisms. Fascinating reading.
/Hoff
