"Dirtiest" Web Sites of the Summer

Larry Magid: Symantec Identifies Which Sites Are The Worst Malware Threats

(CBS)  Symantec is out with its "Dirtiest Web Sites of Summer 2009," which it's calling "the worst of the worst" when it comes to malware threats.

The security vendor says that "48 percent of the Dirtiest Web Sites are, well, dirty--sites that feature adult content." That means that more than half the sites cover a wide range of other categories including legal services, catering, figure skating, and electronics shopping, according to the report.

On average, sites on the dirtiest list have 18,000 threats per site, but 40 of the sites have in excess of 20,000 threats. One site that appears to offer restaurant catering services has 23,414 computer threats
"The number of web attacks is off the charts because it's the easiest path into a consumer's machine" said Gerry Egan, Symantec's director of security response.

The Web, said Egan "has become the primary delivery vehicle for malware." One method for infection is "drive by downloads," which can exploit a vulnerability in your browser or operating system by "leveraging little security holes" and injecting code into your machine simply by virtue of your visiting the site. Another route to infections is social engineering where someone tricks a user into installing a malicious application that can masquerade as a plug-in to play media or even a fake security program that claims to help you find and remove malware. Instead it installs malware on your machine.

There are a number of dastardly payloads associated with the type of malware delivered through these sites including turning your machine into a "spambot" that sends junk e-mail to other people. Such programs can also hijack your computer to be part of a "botnet" to carry out attacks on other systems such as the recent denial-of-service attack that brought down Twitter earlier this month.

Symantec has identified these dirty sites as part of the ongoing analysis it does for its Norton Safe Web product. Safe Web includes a free Web site that anyone can use to see if a site is known to have malware. In addition, Symantec's security products now come with a plug-ins that works with a browser to look over your shoulder while you're surfing or searching to warn you before visiting a site known to contain malware.

TrendMicro Internet Security has a feature that warns you if you are about to visit a site that "may put your security at risk" and McAfee offers a service called McAfee Site Advisor that includes a free plug-in for Firefox and Internet Explorer that warns you about potentially dangerous sites that show up in search results.

[SkirtLifter]

I'm impressed. This is the first time I've seen an author correct an omission. Thanx Larry, you are a stand up guy.

[hologram5]

by Ms_enza August 20, 2009 12:20 PM EDT
Aw c'mon. Admit it. You just want a list of porn sites.
----------------------------------------------------------
Hey lady, I removed this garbage from people's PC's for a living for two years and "porn" sites are NOT the only sites targeted anymore. You have kids? Grandkids? Then tell them they cannot go to their "game" sites anymore because the flashing banners are drive by downloads. They target kids now because kids are "click-happy". That is the truth. I have kids and know this for fact.

[mswolfestock]

Really, this is such a rip-off without the actual list of dirty websites. From day to day I have NO IDEA what kinds of websites I will visit. Everything from appliance replacement parts, automotive parts, on-line shopping, research, etc, etc.

I caught a virus a few months ago while I was getting help for a problem with my vehicle. I was trying to turn off an Idiot Light that kept coming on. I got an answer and solved the problem but I ended up with some malware that wanted to extort $100 from me (or I should say my credit card.) I eventually solved THAT problem, too, but it was a giant pain in the backside.

HINT: Use Add or Remove Programs when the malware keeps coming back after you keep closing the windows a million times. These malware programs won't take no for an answer.

SHOW US THE LIST, LARRY.

[larrymagid]

As I said to an earlier comment,it was an accidental omission. It should be fixed by now with a hotlink from the first sentence. This is a partial list. Symantec has not published the entire list because some of the sites have sexually explicit URLs.

[wf_tx]

Umm, gee, Larry, where's the list?? Do ya think maybe just a few of us would like to know in order to avoid them? Your ommission of the list makes the story very unsatisfying to read, not to mention that the story takes on the appearance more akin to a Symantec ad than a news story. At the very least, you should have explained WHY you're leaving out the list.

[Ms_enza]

Aw c'mon. Admit it. You just want a list of porn sites.

[larrymagid]

Oops. That was an accidental omission. Thanks for pointing it out. It should be fixed by now with a hotlink from the first sentence. This is a partial list. Symantec has not published the entire list because some of the sites have sexually explicit URLs.