The number of websites blocked for hosting malicious content rose by 197 percent in March, according to MessageLabs, the highest number since October 2008. Experts credit the spike to a sharp increase in web-based and email-borne images with injected scripts like JavaScript and VBScript.
That percentage represents 2,797 websites blocked by virus software for pumping out web-borne malware, mostly in the form of spam advertising. Many of the websites used to host infected images are free image hosting sites, and because of that may extend to popular social networking and multimedia file-sharing sites that allow users to upload and share pictures.
Spammers use scripts and SQL injections to compromise user-generated sites through images uploaded and serve up custom-created ads. MessageLabs acknowledges this isn’t a traditional definition of malware, but the practice does bring up privacy issues since the scripts also enable user tracking to serve customized ads based on the user’s location and language. The scripts also enable pop-up ads, which are nuisances to uses.
The primary target appears to be people using older browsers without updates to prevent script execution in images. Those using such browsers tend to be less technologically savvy.
Spam in general increased 2.4 percent from February, making up 75.7 percent of all email in March. One in 281 emails contained viruses, a slight increase (0.03%) over the month before, and one in 284 emails comprised a phishing attack, a slight decrease (0.17%) from February.
Hong Kong takes the most-spammed country award, with spam levels rising by almost 16 percent in March. Spam in Hong Kong makes up 88.7 percent of all email. The Asia-Pacific region in general is spam-central, rising to 88.4 percent in China, 86.4 percent in Australia, and 85.9 percent in Japan. Spam in the US rose to 78.4 percent, in Canada to 76.3 percent, and 68.4 percent in the UK.