Chris Larsen, a senior malware researcher with Blue Coat Systems explains how his research team maps malware networks to gain a better understanding of attack infrastructure.
Researchers at Blue Coat Systems Inc. have been mapping malware to better understand malware delivery. In the Blue Coat 2011 Mid-year report (.pdf), the company found a variety of websites and online forums consistently used by cybercriminals to spread malware.
The problem stems not only from websites dealing with pornographic and pirated material. Attackers are taking advantage of common website vulnerabilities on trusted and popular websites for use by cybercrime.
In an update provided recently, Larsen said poisoned search engine results are constantly being used to drive traffic to those malicious sites. While search engine providers are labeling suspicious sites, cybercriminals have an agile process in place. They can switch domains on the fly to maintain up-time and continue spreading malware, overseeing an ever increasing number of infected machines, Larsen told SearchSecurity.com.