Hi malware fighters,
publishers, blogs and other content providers that use third-party ad networks are at risk of having malvertisements introduced to their users on their site. Many sites (large and small) also rely on third-parties to provide packaged software that powers applications on their website.
re:
http://blog.dasient.com/2010/05/q110-web-based-malware-data-and-trends.htmlGoogle report:
http://www.usenix.org/events/hotbots07/tech/full_papers/provos/provos.pdfmass attacks on WP:
http://www.informationweek.com/blog/main/archives/2010/04/network_solutio.htmlWhat have we seen here in the virus and worms section? We analyzed suspicious and malicious websites through avast shield flags reported by users and found the above to be true, suspicious inline scripts outside HTML, malicious script links, malcode obfuscated scripts, known exploits abused for older website software. The main vectors as ever are Flash and JS. Unmasked parasites find a lot of these suspicious websites, as does Norton Safe Web get a lot of reports, user reports for WOT, malware domain list will list them, novirusthanks org scans them, Prevx give the sites malware connects to, jsunpack analyzes given malcode as will Malzilla, and online through wepawet. etc.
Conclusion be aware, use apt protection inside a browser like Fx with NS and RP extensions to block third party code from being executed, have the avast shields up, and if you never have visited out for a questionable site scan it before going there, so sensibly watch your clicks,
polonus
