Trojan attacks now almost solely from legitimate websites
According to reports, surfers are now almost always attacked from the hacked web sites of legitimate providers. Previously the general assumption was that malware was only found on sex sites and other shady web sites, but these days all you need to do is visit the site of your favourite newspaper to come under attack.
Anti-virus vendor Avast reports that there are now 99 "normal" infected web sites for every infected "adult" site. Current cases, such as the manipulation of Lenovo's server or of Vodafone UK's server, seem to support that finding. In the case of Vodafone, attackers manipulated the BlackBerry product pages so they could upload an exploit in an iFrame for an unpatched hole in the Windows Help Center.
According to its current "MessageLabs Intelligence Report", Symantec has come to a similar conclusion. The report shows the share of legitimate web sites among manipulated web sites rose from 80% in 2009 to 90% this year. Recently, for example, Chinese attackers managed to manipulate tens of thousands of web servers via SQL injection vulnerabilities.
The findings do not, however, suggest that you should "start searching for erotic content" if you want to be on the safe side, as Ondrej Vlcek, CTO at Avast, points out.