Sophos has released an interesting study that says malware is growing, but the method by which purveyors try to distribute it is changing. This jibes with comments being made by security experts for the past few months.
During the first quarter of 2006, Sophos said, far more than double the number of new threats were detected (23,864 versus 9,450, to be precise) during the first three months of last year.
Those numbers are just bad. The interesting numbers are that the percentage of infected e-mails dropped from 1.3 percent during the first three months of 2006 to 0.4 percent -- 1 in 256 -- during the first three months of 2007.
It seems that the cool viruses are hanging out at Web sites. Sophos says that it is identifying about 5,000 new infected Web pages daily. The explanation is simple enough: Malware purveyors are opportunists. As companies and individuals protect their e-mail infrastructure more effectively, the bad guys seek out easier attack "vectors." Right now, Web sites are it. The result is a significant rise in cross site scripting (XSS), buffer overflows, injection flaws and other Web site attacks.