What are Web Threats? - Definition

Web threats and malware are malicious software programs designed to target users when they're online. They can appear in many forms, including viruses, spam, phishing, spyware, adware and other versions of cybercrime. Cybercriminals use malware to do everything from harass users to steal sensitive data.

Web-based threats – or online threats – are malware programs that can target you when you’re using the Internet. These browser-based threats include a range of malicious software programs that are designed to infect victims’ computers.

The main tool behind such browser-based infections is the exploit pack – which gives cybercriminals a route to infecting computers that either:

Applications and OSs that are targeted by online threats

Cybercriminals will use almost any vulnerability – within an operating system (OS) or an application – in order to conduct an exploit-based attack. However, most cybercriminals will develop web threats that deliberately target some of the most common OSs and applications, including:

  • Java
    Because Java is installed on over 3 billion devices – that are running under various operating systems – exploits can be created to target specific Java vulnerabilities on several different platforms / OSs.  
  • Adobe Reader
    Although Adobe Reader has been targeted by many attacks, Adobe has implemented tools to protect the program against exploit activity – so that it’s getting harder to create effective exploits for the application.  However, Adobe Reader was still a common target over the past 18 months.
  • Windows and Internet Explorer
    Active exploits still target vulnerabilities that were detected as far back as 2010 – including MS10-042 in Windows Help and Support Center, and MS04-028 which is associated with incorrect handling of JPEG files.
  • Android
    Cybercriminals use exploits to gain root privileges.  Then, they can achieve almost complete control over the targeted device.

Millions of web attacks… every day

In 2012, the number of browser-based attacks was 1,595,587,670. On average, that means Kaspersky Lab products protected users against web threats more than 4.3 million times every day.

Kaspersky’s Internet security experts have identified the most active malicious software programs involved in web threats. The list includes the following types of online threats:

  • Malicious websites
    Kaspersky identifies these websites by using cloud-based heuristic detection methods.  Most malicious URL detections are for websites that contain exploits.

  • Malicious scripts
    Hackers inject malicious scripts into the code of legitimate websites that have had their security compromised.  Such scripts are used to perform drive-by attacks – in which visitors to the website are unknowingly redirected to malicious online resources.

  • Scripts and executable PE files
    Generally, these either:
    • Download and launch other malicious software programs
    • Carry a payload that steals data from online banking and social network accounts, or steals login and user account details for other services
  • Trojan-Downloaders
    These Trojan viruses deliver various malicious programs to users’ computers.
  • Exploits and exploit packs
    Exploits target vulnerabilities and try to evade the attention of Internet security software.

  • Adware programs
    Often, adware will simultaneously install when a user starts to download a freeware or shareware program.

The TOP 20 malicious objects detected online

In 2014, Kaspersky Lab’s web antivirus detected 123,054,503 unique malicious objects: scripts, exploits, executable files, etc.

We identified the 20 malicious programs most actively involved in online attacks launched against computers in 2014. These 20 accounted for 95.8% of all online attacks.

Name* % of all attacks**
1 Malicious URL 73.70%
2 Trojan.Script.Generic 9.10%
3 AdWare.Script.Generic 4.75%
4 Trojan.Script.Iframer 2.12%
5 Trojan-Downloader.Script.Generic 2.10%
6 AdWare.Win32.BetterSurf.b 0.60%
7 AdWare.Win32.Agent.fflm 0.41%
8 AdWare.Win32.Agent.aiyc 0.38%
9 AdWare.Win32.Agent.allm 0.34%
10 Adware.Win32.Amonetize.heur 0.32%
11 Trojan.Win32.Generic 0.27%
12 AdWare.Win32.MegaSearch.am 0.26%
13 Trojan.Win32.AntiFW.b 0.24%
14 AdWare.JS.Agent.an 0.23%
15 AdWare.Win32.Agent.ahbx 0.19%
16 AdWare.Win32.Yotoon.heur 0.19%
17 AdWare.JS.Agent.ao 0.18%
18 Trojan-Downloader.Win32.Generic 0.16%
19 Trojan-Clicker.JS.Agent.im 0.14%
20 AdWare.Win32.OutBrowse.g 0.11%

* These statistics represent detection verdicts from the web antivirus module. Information was provided by users of Kaspersky Lab products who consented to share their local data
** The percentage of all web attacks recorded on the computers of unique users