Malware has to live somewhere. And while some Web filtering solutions can detect known malware hosts, most malware hides in sites that are otherwise benign. According to a report from Blue Coat Systems, the five most commonly compromised Web sites range from online storage to — surprise — adult content. Click through this slideshow for more information.
Click through to see the five most common hiding places for malware.
These are sites intended to provide secure, encrypted, off-site backup and restoration of personal data. They are typically used to store, organize and share videos, music, movies, photos, documents and other electronically formatted information. The number of online storage sites grew over 200 percent in 2009.This growth, and the generic nature of the services they provide make them an ideal, easily accessible malware storage location.
These are sites dedicated to enabling the electronic download of software for any type of computer or mobile device, whether for payment or at no charge. There was little growth in the number of sites in this category in 2009, but they were the second-most popular hiding place for malware.
These are sites that contain sexually explicit material. While the growth in the total number of pornography sites was relatively low in 2009 (9%), many of these sites have been created for the sole purpose of delivering malware, using porn to lure visitors to the site. Two-thirds of all Fake Codec attacks were found within sites categorized as pornography.
These are sites with generally non-offensive content, but that also have potentially objectionable content such as adult or pornographic material. Content on these sites is usually unorganized and highly dynamic, making more precise classification of specific images difficult. The number of sites in this category grew by approximately 50 percent in 2009 as more people wished to share their multimedia content in an unregulated way. And while more traditional attacks leveraged these sites as a temporary home, the vulnerabilities in Adobe products in 2009 elevated the number of attacks on these sites.
These are sites that distribute, promote or provide hacking tools and information to help others gain unauthorized access to computer systems and computerized communication systems. These sites offer instructions on illegal or questionable tactics, such as creating viruses, distributing cracked or pirated software, or distributing other protected intellectual property. The number of sites in this category grew by approximately 30 percent in 2009 and, by their very nature, should be considered suspicious. While there are several sites in this category with relatively admirable codes of ethics, those tend to be the exception. In addition to information, many sites provide services that are easily leveraged for malware hosting.