Update: See here for the full writeup.
The spectre of lawsuits, broad use of XP Service Pack 2 and FTC enforcement seems to be helping:
A new study details the extent and seriousness of potentially destructive spyware on the Internet, finding that it is still prevalent but declined significantly…
The study examined popular categories of Web sites including games, news and celebrity sites. Among the findings:
- More 5 percent [sic] of executable files contain piggybacked spyware.
- One in 62 Internet domains performs “drive-by download attacks” to force spyware on users who simply visit the site.
- Game and celebrity Web sites appeared to pose the greatest risk for piggybacked spyware, while sites that offer pirated software topped the list for drive-by attacks.
Suzi Tuner at ZDNET makes a good point, though:
One in 62 of 20 million sites is quite a large number still. The article does not mention if porn sites were checked. Porn sites are a huge source of spyware usually downloaded though exploits. The CoolWebSearch porn sites alone number in the thousands and are guaranteed to give you a nasty payload. This page at Webhelper’s site has links to lists of CWS sites and the Apha Sort in Text Format list has 3,500 sites listed. Most of them are porn sites.
We’ll have to see what the full details are when the final paper is released.