Botnets are the most significant source of malicious Web traffic for enterprises on the Internet, according to new research from ZScaler’s ThreatLabz.
Over the past 30 days, botnets have accounted for nearly 80 percent of the security blocks within ZScaler’s network. In a distant second place among security blocks, malicious URLs accounted for almost 15 percent, and in a somewhat less distant third place, antivirus accounted for just fewer than four per cent of blocks. Rounding off the list was cookie stealing (1.02 per cent), phishing (.21 per cent), browser exploits (.1 per cent), adware/spyware (.08 per cent), WRI (.02 per cent), and Anonymizers (.02).
As for the prevalence of single strains of malware or botnets, there was no clear leader. Threats like the Blackhole and Zeus exploit kits have persisted over long periods, experiencing various peaks and plummets, while others appear one day and disappear the next.
Another important source of malicious Web traffic is mass infections originating from legitimate sites. ZScaler claims that their clients are still coming across sites infected by the Lizamoon SQL injection attack that was first reported almost six months ago.