The quickest way to become infected with malware could be to visit a fake celebrity website and not, as is commonly assumed, one dedicated to porn.
This is according to a recent report on malware trends published by McAfee that confirms an October 2005 University Of Washington study that suggested celebrity websites had overtaken porn as the favoured means of malware distribution.
In fact, the company concurs in Adware and Spyware: Unraveling the Financial Web [PDF] that porn is now probably only in third place in the malware website league, behind star and screen-saver websites.
McAfee’s own take on the issue comes from a study undertaken earlier this by analysing results from its SiteAdvisor anti-phishing browser plug-in. That found many common search terms returned links straight to malware sites, without users having to do much more than hitting the return key on Google.
More generally, malware is actually evolving on a trend that dates back to the first widespread appearance of profit-oriented spyware in 2003, the company reckons. It was at that point that forms of malware that had been around for many years started to dominate the security scene.
By August of this year, adware alone had expanded to encompass 4,000 variants of a total of 450 base families. Between 2000 and 2002, there were only 45 families.
Analysing the criminal business model reveals that malware, and adware in particular, is now technically sophisticated, involves various techniques in unison, and is highly profitable. Botnets are at the forefront of this, generating in one instance documented in the report, an average of $6,800 per month for a single botnet criminal “herding” a 13,000-PC network.
McAfee hints that it is flaws in the Internet business model of today that could now be seeding the e-crime of the future.
“The mixing of criminals and legitimate affiliate-marketing activities confuses both merchants and consumers, blurring the boundary between malicious unwanted programs and friendly software” says the report. “The provisioning of such significant financial support will only foster accelerated growth in both diversity and numbers of threats.”