In 2011, the most significant evolution in the threat landscape was the use of malware networks, or malnets, to launch highly dynamic Web-based attacks, according to Blue Coat Systems.


These complex infrastructures, which outlast any one attack, drove a 240% increase in the number of malicious sites during the year and are expected to launch as many as two-thirds of all new attacks in 2012.

Malnets are distributed network infrastructures within the Internet that are built, managed and maintained by cybercriminals for the purpose of launching a variety of attacks against unsuspecting users over extended periods of time.

The end game for malnets typically is either stealing personal information or transforming end-user systems into botnets.

"In 2011, the ease of buying, customizing and deploying malicious software kits, coupled with a faster rotation through domain names, drove a 240% increase in malicious sites," said Chris Larsen, senior malware researcher, Blue Coat Systems. “With the average business now facing 5,000 threats per month, identifying and tracking malnets to block attacks at the source before they are launched is the most effective protection. Blue Coat uniquely provides protection from malnet-launched attacks even before they happen.”

The most common entry point into these malicious infrastructures rely on the path of least resistance, utilizing entry points that are easy to exploit, such as search engines/portals and email, or are utilized by large, diverse populations of users.

Malnets have become so effective at launching attacks through search engines/portals that one in 142 searches leads to malicious links.