By Robert McMillan, IDG News Service
February 15, 2008

Criminals are getting better at this kind of work. They have built very successful automated tools that poke and prod Web sites, looking for programming errors and then exploit these flaws to install the drive-by download software. Often this code opens an invisible iFrame page on the victim’s browser that redirects it to a malicious Web server. That server then tries to install code on the victim’s PC. “The bad guys are getting exceptionally good at automating those attacks,” said Roger Thompson, chief research officer with security vendor Grisoft.

In response, Google has stepped up its game. One of the reasons it has been scouring the Web for malicious pages is so that it can identify drive-by-download sites and warn Google searchers before they visit them. Nowadays about 1.3 percent of all Google search queries list malicious results somewhere on the first few pages.

Link

“When we started going into this, I had the firm intuition that if you go to the sleazier parts of the Web, you are in more danger,” he said.

It turns out the Web’s nice neighborhoods aren’t necessarily safer than its red-light districts.