“This site may harm your computer”. How to recognize and defeat website infections

http://www.securelist.com/en/analysis/204792245/This_site_may_harm_your_computer_How_to_recognize_and_defeat_website_infections skrev:

Mass website infections are one of the biggest problems in contemporary IT security. The size of the problem is reflected, for example, in the amount of queries to our Technical Support concerning warnings about malicious websites. Website owners usually complain that our product incorrectly blocks access to their portal and it must be a false alarm as they do not host any malicious content. Unfortunately, in most cases they are wrong and malicious scripts can indeed be found within their websites - injected into the original PHP, JS or HTML code by attackers. These scripts usually redirect visitors to the website to malicious URLs from where malware is downloaded and executed on the victim’s computer. In most cases, the execution of malware is completely invisible to the user, who sees the website appearing to operate as usual. Malicious code exploits vulnerabilities in software running on the user's computer (like Java, Flash, PDF viewers, browser plugins, etc.) to silently install itself on an attacked machine. This method is called a “drive-by download” and has already been extensively described on Securelist.

In the following article we would like to focus on information that may help website administrators identify and remove malware from their websites. ...