Symantec publishes list of the top 100 Dirtiest Web Sites of Summer 2009
Symantec has published an extract from its list of the top 100 Dirtiest Web Sites of Summer 2009 that only need to be visited to infect a vulnerable PC. Of these 100 sites, 48 offer "adult" content and are therefore already classed as "dirty" by Symantec. The other sites are relatively harmless, sites for role-playing fans and hunters' clubs, for example, that are being misused by criminals – evidently without the knowledge of the site operators. This may explain why around three-quarters of these sites have contained malware and exploits for more than six months.
One of the web sites affected, a forum for a game called "Magic the Gathering", has now closed its doors. On the home page, the operator says openly that an unmoderated forum doesn't work and a lack of updates has given attackers an opportunity to carry out manipulation. Symantec says the attackers have fully exploited such opportunities, 40 of the top 100 dirtiest sites being infected with more than 20,000 threats.
Symantec's list is the result of automatic analysis with Norton Safe Web, which uses signature-based scans, intrusion detection and behavioural analysis to assess individual sites visited. Viruses are reported to be the most frequent threats, followed by browser exploits.
A current warning from the security services provider ScanSafe shows how quickly a harmless site can be transformed into a malicious one. Around the world, 55,000 web sites are reported to have been infected with an IFrame that downloads additional code and attempts to infiltrate visitors' PCs with exploits. The IFrame points to http://a0v.org/x.js, and a Google search shows more than 70,000 site hits. Several of the listed sites have apparently been cleaned up since being listed.