DEDICATED ATTACK WEB SITES built to distribute malware are back on the increase, an analysis that's part of Google's Safe Browsing service has revealed.
The report, which gathers together five years' worth of data, was published today on Google's online security blog. Worryingly, Google's figures revealed that dedicated attack web sites are on a comeback after declining in numbers in 2011.
According to the report, the web sites try to avoid detection by its Safe Browsing service by adopting several techniques, such as "rapidly changing their location through free web hosting, dynamic DNS records, and automated generation of new domain names".
Google said that social media is now the weapon of choice for many attackers, as technical exploits are becoming harder to perform.
"As companies have designed browsers and plugins to be more secure over time, malware purveyors have also employed social engineering, where the malware author tries to deceive the user into installing malicious software without the need for any software vulnerabilities," Google's analysis said.
"While we see socially engineered attacks still trailing behind drive by downloads in frequency, this is a fast-growing category likely due to improved browser security."
The data also reveals that phishing web sites discovered monthly are becoming more prevelant, reaching a five-year high in 2012 of 300,000 web sites."
Google finds an average of 9,500 new malicious web sites every day, some of which are innocent web sites that have been compromised by malware authors, and others that are built specifically for malware distribution or phishing.
But it isn't all as bad as it sounds, as the study shows that the prevalence of infected web sites peaked in 2009 and has since declined from approximately 350,000 by more than half to only 150,000 web sites discovered monthly. µ
Is restoring from backup really the better than prevention?
Allowed anyone to pinpoint locations visited by customers of SVR Tracking
Hackers gained access to systems using unsecured administrator's account
But Canonical's Mark Shuttleworth doesn't agree