All Your iFRAMEs Point to Us

As the web continues to play an ever increasing role in information exchange, so too is it becoming the prevailing platform for infecting vulnerable hosts. In this paper, the authors provide a detailed study of the pervasiveness of so-called drive-by downloads on the Internet. Drive-by downloads are caused by URLs that attempt to exploit their visitors and cause malware to be installed and run automatically. Over a period of 10 months they processed billions of URLs, and the results shows that a non-trivial amount, of over 3 million malicious URLs, initiate drive-by downloads.