Religious Sites Carry More Malware Than Porn Sites

[bilateralrope]

Tech Hive

By Daniel Ionescu, PCWorld

Apr 30, 2012 7:10 AM

Religious and ideological websites can carry three times more malware threats than pornography sites, according to research from security firm Symantec. The firm’s annual Internet Security Threat Report also found that threats to mobile devices continue to grow, almost exclusively for Google’s Android mobile OS.

Internet security reports from companies that also sell anti-virus solutions should be taken with a pinch of salt, given the potential of conflict of interest, but Symantec’s authoritative findings are nevertheless interesting.

Symantec found that the average number of security threats on religious sites was around 115, while adult sites only carried around 25 threats per site--a particularly notable discrepancy considering that there are vastly more pornographic sites than religious ones. Also, only 2.4 percent of adult sites were found to be infected with malware, compared to 20 percent of blogs.

Why religious sites you might ask? “We hypothesize that this is because pornographic website owners already make money from the Internet and, as a result, have a vested interest in keeping their sites malware-free--it’s not good for repeat business,” said the report.

Symantec measured an increase of more than 81 percent in malware in 2011 over 2010, while the number of malware variants increased by 41 percent. On the flip side, spam volumes have decreased from 88.5 percent of all email in 2010 to 75.1 percent in 2011--thanks to law enforcement action which shut down the Rustock worldwide botnet that was responsible for sending out large amounts of spam.

Android smartphone users should also be weary of malware, as Symantec says mobile vulnerabilities, almost exclusive to Google’s open mobile OS, increased by more than 93 percent. The report found more than half of all Android threats collect device data or track users’ activities.

A quarter of the mobile threats identified were designed to make money by sending premium SMS messages from infected phones, which could be even more lucrative than stealing your credit card details.

The hypothesis to explain it makes sense. Porn sites are a business, so anything which harms repeat customers is a bigger problem than it would be for websites which are not the core of the organization.

[InsaneTD]

The first half of the article is kinda funny, but the later half was what was off interest for me, I use my android as my computer. I don't have regular access to a desktop or even a laptop. Think I'm going to need to pick up some anti malware apps for my phone.

[Zixinus]

The explanation still does not explain why religious sites have so much malware in the first place. Even if profit is heavily involved in the religion itself, religious websites aren't made by people that want to be malicious to their viewers. They also surely want more repeat visitors.

[InsaneTD]

Probably targeted by hackers.

[bilateralrope]

The explanation still does not explain why religious sites have so much malware in the first place. Even if profit is heavily involved in the religion itself, religious websites aren't made by people that want to be malicious to their viewers. They also surely want more repeat visitors.

There are two ways malware gets onto a website. The first is the website operator putting it there. The second is someone hacking the site to install their malware.

[Grumman]

The explanation still does not explain why religious sites have so much malware in the first place. Even if profit is heavily involved in the religion itself, religious websites aren't made by people that want to be malicious to their viewers. They also surely want more repeat visitors.

Old people are twice as likely to be religious as young people. A website by tech-adverse septuagenarians, for tech-adverse septuagenarians seems like an easy target for someone trying to spread their malware.

[Lord Revan]

Also I'd suspect that admins of religious websites might be more willing to "put their faith in God" that nothing bad will happen to them and not up-date their malware protection (or have one in the first place), while pornsite owners have more realistic idea about the threat (in general obviously)

[Mr Bean]

The explanation still does not explain why religious sites have so much malware in the first place. Even if profit is heavily involved in the religion itself, religious websites aren't made by people that want to be malicious to their viewers. They also surely want more repeat visitors.

There are two ways malware gets onto a website. The first is the website operator putting it there. The second is someone hacking the site to install their malware.

Incorrect as far as it goes because there is a third option and the most popular one I've run across, and that is the website operator can opt to sell ad space on the website to defer costs and that ad seller either sells banner ads to malware producers or is hacked themselves.

Very few websites are made up of 100% of the pure content of the website creator. Lots of website material has started becoming common, look at the Google ads sd.net has. If that is hacked or the ad stream is broken by a man in the middle attack niether sd.net would be hacked nor would DW be the one putting it on but we'd still end up with malware.

The most common thing I've run across is on a lot of "professional" websites be they for construction people or doctors they will get infected with something like Conduit which is one of those hundred odd "install when installing the thing you wanted to install" programs but most variants of Conduit will hijack ad space to show to ads for things Conduit picks and most of those things are whoever can pay conduits creators IE malware makers.