AV vendors say most badware sites are compromised

A recent report from Symantec reinforces the idea that most web-based malware is distributed via compromised, legitimate sites:

In 2010 so far, using the same approach, the proportion of malicious domains that are legitimate [i.e., set up for reasons other than distributing malware] has increased dramatically compared to last year – it’s now about 90%.

On a related note, Avast reports that, despite popular belief, adult sites are not carrying the load of malicious content:

...the statistics are clear - for every infected adult domain we identify there are 99 others with perfectly legitimate content that are also infected.

Everyday Internet users who are hearing this for the first time should take this as a wake-up call. Protect your computer. Protect your website. And recognize that, while making smart decisions about your Internet use is always a critical part of security, deciding which type of website you visit isn't as important as it once was.

Hat tip: H-Online via UnmaskParasites (Twitter)