Internet security company Sophos reported last week that the number of Web pages infected with malicious code has spread nearly six-fold since the beginning of this year.
The report says the company detected an average of almost 30,000 new infections each day in June, a total that had been as low as 5,000 per day earlier in the year.
Sophos says the majority of pages serving malicious code are actually located on legitimate Web sites. About 80 percent of malware is delivered by innocent but compromised sites.
Attacks detected in June, says Sophos, came from a collection of 10,000 legitimate sites, most of them hosted on Italian servers, that had been compromised with an unknown vulnerability and loaded with exploit toolkit Mpack.
Sophos says the results raise the question of why Web hosts are not taking steps to properly secure servers. Keeping up to date with security patches can often effectively prevent compromise.
Source: The WHIR News