A factor contributing to increased interest in poisoned websites to spread malware has been the decline of "thumb" flash drives as popular infection vehicles for cybercriminals.
The introduction of the first commercial version of Windows XP in 2001 and the massive uptake of removable storage devices marked the beginning of the era of worms that spread through those media by exploiting a Windows XP design vulnerability called Autorun, the report explained.
"Given that this problem was solved in 2009 and that users have migrated towards new versions of Microsoft Windows, the number of malicious programs still using this technique has diminished in the past few years," Eset notes.
"Though there is no shortage of malware that includes it on the off chance of finding an unpatched system," it adds.
Eset outlined in its report how Web miscreants proliferate their malicious wares through infected websites:
- First, an existing vulnerability is exploited in a web server and malicious code is injected into the site.
- Then, targets are steered to the infected site through hyperlinks sent to a list of users through email, social networks, or any other means.
- When the target visits the site, the malware is downloaded to their computer or smartphone, where it performs its pernicious actions.
According to Eset's report, "Malware targeting Android will not only keep on rising at a considerable rate, but also will continue to evolve until they are very similar in capability to their peers in the world of more traditional computers."