Web-based malware growth Q3 2009 - Q3 2010

The number of Web sites infected with malware has doubled from a year ago to more than 1.2 million, according to a study released today by Internet security company Dasient.

Not only are social-media sites getting targeted, but sites of larger government agencies increasingly are hit, including the National Institutes of Health, the U.S. Treasury, and the Environmental Protection Agency, according to the report. In the last two years, the NIH has been infected and reinfected five times, and the state of Alabama's site was infected 37 times.

More than 1.5 million malicious ads are served every day, including drive-by downloads and fake antivirus campaigns. Drive-by downloads on legitimate Web sites have become the most popular method for delivering malicious programs, overtaking the use of spam and e-mail attachments, Dasient said.

Correction, 1:03 p.m. PT: This story misstated the number of Web sites infected with malware. The correct number is more than 1.2 million.