Web-based threats have now overtaken email attacks reaching record numbers, according to the latest report by Sophos.In June alone, a record number of infected web pages were detected, approximately 29,700 each day. That figure has soared by a whopping 500 per cent since earlier in the year when just 5,000 were detected daily.
The research shows that about one in five infected websites is malicious by design. This means that 80 per cent of all web-based malware is being hosted on innocuous, but compromised, sites.
“With a massive number of infected web pages found on legitimate sites, it begs the question as to why web hosts are not taking the necessary steps to properly secure their servers," said Graham Cluley, senior technology consultant at Sophos.
The bi-annual report also found that more than half (51 per cent) of all infected web pages between January and June were hosted on Apache servers. Thirty four per cent were found on Microsoft IIS 6 servers and nine per cent on Microsoft IIS 5.
"Web hosts that are currently not behaving responsibly must bite the bullet and take better care of their sites,” Cluley said. “It will be a wake-up call for some to see that malware is not just a Microsoft problem."
China now hosts more malware than the US, according to the figures. While the states continued to host a large chunk of malicious programs (27 per cent) over the last six months, the Asian country is responsible for hosting more than half (54 per cent) of all the world’s web threats. Security researchers believe the rise was caused by the widespread Mal/Iframe infections hosted in China.