Pelo menos 10% dos sites da web com código malicioso

segundo um artigo de autores da Google:

"We analyzed the content of several billion URLs and executed an
in-depth analysis of approximately 4.5 million URLs. From
that set, we found about 450,000 URLs that were successfully
launching drive-by-downloads of malware binaries and
another 700, 000 URLs that seemed malicous but had lower


The Ghost In The Browser Analysis of Web-based Malware


As more users are connected to the Internet and conduct
their daily activities electronically, computer users have become
the target of an underground economy that infects hosts
with malware or adware for financial gain. Unfortunately,
even a single visit to an infected web site enables the attacker
to detect vulnerabilities in the user’s applications and force
the download a multitude of malware binaries. Frequently,
this malware allows the adversary to gain full control of the
compromised systems leading to the ex-filtration of sensitive
information or installation of utilities that facilitate remote
control of the host. We believe that such behavior is similar
to our traditional understanding of botnets. However,
the main di erence is that web-based malware infections are
pull-based and that the resulting command feedback loop is
looser. To characterize the nature of this rising thread, we
identify the four prevalent mechanisms used to inject malicious
content on popular web sites: web server security,
user contributed content, advertising and third-party widgets.
For each of these areas, we present examples of abuse
found on the Internet. Our aim is to present the state of
malware on the Web and emphasize the importance of this
rising threat.