Report: Infected Web sites double in 2010

Drive-by downloads are the preferred method for delivering malware, overtaking the use of spam and e-mail attachments, Dasient says.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Nov. 22, 2010 12:01 p.m. PT

Web-based malware growth Q3 2009 - Q3 2010 Dasient

The number of Web sites infected with malware has doubled from a year ago to more than 1.2 million, according to a study released today by Internet security company Dasient.

Not only are social-media sites getting targeted, but sites of larger government agencies increasingly are hit, including the National Institutes of Health, the U.S. Treasury, and the Environmental Protection Agency, according to the report. In the last two years, the NIH has been infected and reinfected five times, and the state of Alabama's site was infected 37 times.

More than 1.5 million malicious ads are served every day, including drive-by downloads and fake antivirus campaigns. Drive-by downloads on legitimate Web sites have become the most popular method for delivering malicious programs, overtaking the use of spam and e-mail attachments, Dasient said.

Correction, 1:03 p.m. PT: This story misstated the number of Web sites infected with malware. The correct number is more than 1.2 million.