The report also covers another very concerning development, which was the automated widespread infection of legitimate websites by the returning Asprox botnet. In June, M86 Security Labs found more than 10,000 ASP sites had been infected by the Asprox Spambot over a period of only three days. An interesting factor of the attack was that the botnet performed a Google search term used to seek out additional vulnerable ASP sites. The bot not only spams, but also launches the SQL injection attack used to inject the target websites.
"Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However the first half of 2010 has also seen the emergence of new advanced methods as seen in the new combined attacks. Cybercriminals continue to try and outsmart even the latest Internet security protection mechanisms," said M86 Security's Bradley Anstis
To download the full M86 Security Labs Report, go to http://m86.it/srfh10