Symantec Hosted Services Article Sample

Malware is no longer found only on malicious websites. Today, it is commonplace for legitimate mainstream websites to serve up malware to unsuspecting visitors. Due to the complexity of modern websites and the fact that content is often integrated from many providers, not all websites and advertisements are properly secured. In 2008, Symantec observed attacks from 808,000 unique domains, including popular news, travel, gaming, real estate, and even government websites.

Malware has traditionally been distributed through spam or through social engineering techniques that attempt to get a user to click and unknowingly download malicious code. However, hackers are now inserting malicious URLs into Web pages on legitimate websites, redirecting users to a malicious site that contains code designed to exploit specific vulnerabilities—with no user interaction required. This is often referred to as a “drive-by download,” and attackers are increasingly turning to this method. Once malware is installed on the user’s machine, the attacker can harvest personal information or take control of the machine to attack other computers.