Legitimate websites that host malware are an easier target than more suspicious sites due to a lack of security.
Following research by MessageLabs that revealed that web-based malware is being hosted on compromised legitimate websites rather than suspicious sites, it has been claimed that this reflects the current situation on the internet very well.
Writing on the security and the net blog, author ‘Martin' claimed that it makes sense for hackers to plant malware on legitimate sites as ‘most malware is hosted on 'old' sites rather than newly registered domains'.
He said: “Most malware is distributed on ‘real' websites (as opposed to botnets used to distribute malicious content), and not on domains just registered by criminals.”
He claimed that this was because older sites are more likely to be running old software with known vulnerabilities, and are thus more easy to abuse. These sites will already have visitors, so you do not need to find a way to get them to your malicious site and you do not need to steal credit cards to pay for your new domains and arrange for your own web hosting.
“In short, it just makes sense to abuse existing domains. To get back to the adult hosting that was mentioned, several people have already mentioned that there is also a reason that these are generally ‘safe', at least from malware: these sites are high-profile targets for attacks, and as such more likely to take security seriously. Not in the least because these rely on subscriptions rather than ads, and need to provide value for money or risk losing paying visitors fast,” said Martin.