CoreSight - leading Australian security - CoreSight - leading Australian security

One in 10 web pages scrutinised by search giant Google contained malicious code that could infect a user's PC.

Google researchers surveyed billions of sites, subjecting around 4.5 million pages to more detailed analysis.  About 450,000 were capable of launching so-called "drive-by downloads", sites that install malicious code, such as spyware, without a user's knowledge.

A further 700,000 pages were thought to contain code that could compromise the visitor's computer.  To address the problem, Google researchers say the company has launched an effort to identify all web pages on the internet that could be malicious.

These downloads are an increasingly common method for infecting a computer, at times with the motive of stealing sensitive information.  They usually consist of malicious programs that automatically install when a potential victim visits a site designed to primarily for this purpose.

"To entice users to install malware, adversaries employ social engineering," wrote Google researchers.  Usually the visitor is presented with links that promise access to pages with pornographic content, copyrighted software or other media.  The vast majority exploit vulnerabilities in Microsoft's Internet Explorer browser to install themselves.Some downloads, such as those that alter bookmarks, install unwanted toolbars or change the start page of a browser merely provide an annoyance factor.  But increasingly, criminals are trying to install keyloggers that steal login and password information via malicious code on sites.

ther pieces of malicious code hijack a computer turning it into a "bot", a remotely controlled PC.  This study indicates that these "drive-by" downloads represent a shift away from traditional methods of infecting a computer, such as spam and email attachments.

View a more comprehensive article at ZDNet Australia.