Yes, you read that correctly. According to Barracuda Labs, two out of the top 25,000 domains (at least top of Alexa’s rankings) serve up some tasty and annoying malware to their visitors. Hopefully, this is unintentional and the result of some compromise. The lab rats found that more than 10 million folks were exposed to exploits in February, and almost every day there was a new compromised website. The top-ranked domains that served malicious content spanned across 18 different countries, demonstrating that this problem has no geographic barrier. Making matters worse, almost all of the compromised sites were at least a year old, and half were more than five years old. This indicates that attackers use well-established, long-lived websites for their drive-by download campaigns.
The researchers used an automated script to bring up a series of URLs inside a virtual Windows VM and observe what happens to its OS, plug-ins, and other browser settings. Once the site is visited, the VM’s network traffic is monitored to see what malware has been placed on it.
On the link on their blog post is more information on their methodology and the complete infographic, which we have truncated here in the interests of readability.