15 Million Malicious Websites

By Jimmy Daniels
Contributing Writer, RealTechNews

Okay, here’s notice that the problems in the internet are not getting better, they are getting worse, Websense announced in a press release that their database of websites that contain malicious code, peer to peer file sharing, spyware, phishing, and 80 some other categories of “bad stuff” has increased to over 15 million. 15 million websites our children could easily surf into, or we could surf into, that would try to take advantage of us somehow. This contradicts the study from Washington University I posted about here, but, that study was just a sample that grabbed data from some websites, it was not a massive undertaking like this one.

The Websense Master Database is the most accurate, up-to-date database in the industry. Recent increases to the Master Database reflect the continual growth of the internet as an attack vector by today’s cyber-criminals. The Websense database reached 10 million sites in May 2005 and quickly grew to 15 million sites within approximately eight months. Today, the database includes more than 90 categories, such as spyware, phishing and peer-to-peer (P2P) file sharing, which organizations can use to protect employees against malicious internet sites as well as set flexible filtering policies for employee web usage.

“Websense has more than 10 years of specialized internet mining expertise, and the growth that we have seen over the past year in malicious content has been astonishing,” said Patrick Swisher, director, database operations for Websense, Inc. “As our knowledge of the internet continues to increase, so does our ability to create more sophisticated processes to classify these types of high-risk sites and provide our customers with greater protection. Our award-winning software has the ability to proactively discover and immediately protect our customers against the most ominous web-based threats such as spyware, bots, phishing attacks, viruses and crimeware.”

During 2005, software vulnerabilities were increasingly exploited by malicious websites hosting malcode, and the Websense Master Database’s security-related categories reflect this growth. For example, since February 2005, spyware-related websites have increased from approximately 48,000 sites to more than 130,000 today — a 170 percent upsurge. In addition, during the same time period, phishing and other fraudulent websites have grown approximately 271 percent from 7,270 to more than 27,000 sites.

To maintain database accuracy, Websense purges dead website links from the database on a daily basis, and to date has removed nearly four million dead links. This is of particular importance for internet categories that represent web security risks, such as phishing or fraud-based websites, which have a short life span. Phishing websites are currently online for an average of less than six days and the underlying IP addresses associated with those websites change frequently. Source: PRWeb.

Some highlights, Malicious websites grew more than 3,900 percent, P2P websites had a 50 percent increase, and Keyloggers more than doubled in growth.

We Say: This is a lot more accurate than the Washington study as that one was just a sample, in that study they only crawled 18 million url’s, while this one analyzes more than 75 million sites a day for malicious code. They also have a global honey pot, meaning, unprotected computers that are there just to be taken advantage of, exploited, etc, like a normal users computer and to discover MMC(Mobile malicious code), new Trojan horses, keyloggers and blended threats. They have also removed over 4 million websites from the list, because lots of these websites don’t stay live very long, they move from url to url, trying to infect us.

As Sergeant Phil Esterhaus from Hill Street Blues used to say, Hey, let’s be careful out there.