Researchers at the University of California at Santa Barbara have gathered data on compromised pages and the would-be victims of drive-by downloaders. The computer network of criminals drive around and hijack wireless connections and infect legitimate sites with malicious code that redirect users to malicious sites. The researchers conducted a four-month study in which they connected their servers to a collection of compromised computers known as the Mebroot botnet. Among their findings, the researchers discovered that, while the seedier sites on the Internet--those hosting porn and illegal downloads--were most effective at redirecting users to a malicious download site, business sites were more common among the compromised referrers. The Mebroot network uses compromised websites to redirect visitors to centralized download servers that attempt to infect the victim's computer. The malicious software, named for its tactic of infecting a Windows computer's master boot record (MBR), shows signs of professional programming, including a rapid cycle of debugging, researchers say.

[Source and Photo Credit: Technology Review ]