It has been common for quite some time that the Internet or the World Wide Web be the most usual angle of attack for hackers, most often targeting software vulnerabilities or using exploits on the receiving client.

Software vulnerabilities can be anything from third party software exploits to Cross-site scripting (XSS).

The most commonly exploited software on your PC has been Oracle Java, Adobe Flash and Adobe Acrobat Reader for many years. More frequently, now browsers such as Google Chrome and Internet Explorer are also being exploited, which make World Wide Web exploits a serious information security risk.

That means that software on your computer or your corporate environment is also a risk, so make no mistake about it. In approximately 70% of web based attacks the direct target is a vulnerability on your computer.

Other angles of attack used by hackers from the Internet are attacks such as phishing, drive-by downloads, watering hole attacks or social website attacks. If you don’t know them, you can read more about each important type of attack.

So, since the Internet or websites are now the most commonly used angles of attack, delivering a variety of attacks types, let’s find out which sources of the Internet are actually delivering them to your computer or which underlying sources are trying to infect your company’s organization.

Please keep in mind that the information below does not refer to websites that a computer user might access (e.g., but it concerns the original source for the malicious content. The source of infection could be the visited website, but also concealed content, which is loaded from another website (e.g. through an iFrame).

Most common World Wide Web exploits used to deliver cyber-attacks

The following is a detailed list of which types of websites are being used to deliver malicious attacks by hackers (data extracted from our comprehensive Heimdal Security Intelligence Database):

  • 90,0% – delivered from advertising networks
  • 4,63% – websites being used only for malicious purposes
  • 4,10% – delivered from remarketing networks
  • 1,20% – the actual website itself, which is malware infected
  • 0,04% – typo squatting normal websites
  • 0,03% – Content Delivery Networks.

Some of the categories above deserve a more in depth look on the type of attack used.

Within the category of websites used only for malicious purposes, the split of the attack type is:

  • 88,6% – websites used to deliver drive-by downloads
  • 10,7% – websites used for phishing attacks
  • 0,70% – websites used for redirecting the user to other destinations on the Internet, which are malware infected.

How hackers target vulnerabilities in your system

Within the advertising and remarketing space, the most often attack type used is targeting vulnerabilities or using exploits on your PC. The rest is a blend of methods used to deliver malware to the computer.

However, looking at the numbers below, we will have to remember that World Wide Web exploits can also be used with a variety of intents. So this is just a view of the initial attack purpose, not the final goal.

The assumed total look of attack types is therefore as follows:

  • Trying to target vulnerabilities and exploits – 75,6%
  • Trying to deliver malware to the PC – 23,9%
  • Trying to fish the user for personal information – 0,50%.

As we have covered in earlier blog posts, it is commonly known that Oracle Java, Adobe Reader or Adobe Flash is present on 99% of computers. Not only that, but the vulnerabilities seen in these types of software are extremely critical, which means that a simple click on a advertising banner could give a hacker full access to your computer.

Also recently Adobe Flash was directly integrated as a component in Google Chrome and Internet Explorer, which means that the number of World Wide Web exploits related to it is likely to increase.

Only 3 weeks ago Adobe Flash had 4 vulnerabilities within a week, so it is fully understandable why hackers take this route to attack your PC.

As a private PC user, CIO or IT manager, we can therefore only urge you to find a web-filtering tool and keep your software up to date. Having traffic filtering enabled will help protect you against Zero Hour vulnerabilities as well.


[…] they’ll use your browser’s vulnerabilities to find security holes they can exploit to infect your computer […]

[…] take printscreens of your browser, see your browsing history and much more. The browser is a key tactic to deliver cyber attacks (along with spam emails), so you have to do everything you can […]

[…] World Wide Web exploits are multiplying aggressively, so protecting your company means being constantly educating yourself to know these dangers and do everything you can, with the resources you have, to prevent attacks or have a recovery plan if they happen. […]

[…] the intelligence previously shared from our database, 70% of web based attacks the direct target is a vulnerability on end users’ […]

[…] Interestingly enough, more than 62% of exploits used in cyberattacks are distributed through browsers and 90% of the most common World Wide Web exploits are delivered from advertising networks. […]

[…] used by cyber-attackers. First, you should know that according to the precious data derived from Heimdal Security Intelligence Database, 90% of the websites that delivered malicious attacks are advertising networks while around 4.6% […]

[…] climbing numbers confirm the trend spotted earlier this year, where 90% of web exploits are delivered from advertising networks. Moreover, since last year, advertising rates have tripled – talk about a growing […]

[…] Users are also in danger, since “70% of web based attacks target a vulnerability on your computer,” according to our data. […]

[…] your vulnerable applications to the latest versions, thus closing vulnerabilities on your PC. Over 70% of web based attacks target a vulnerability on your computer, but you don’t need an assistant to assign your updates to. Just install the software and let it […]

[…] we know, Java is one of the most frequently exploited software in the world, and that’s not something to be taken […]

[…] we know, Java is one of the most frequently exploited software in the world, and that’s not something to be taken […]

[…] the same time, we noticed that software vulnerabilities can be used by cyber-criminals to deploy web exploits in order to steal your sensitive […]

[…] criminals always try to use security holes in popular – but vulnerable – software from our systems, from Java, Adobe Flash to most […]

[…] could expose you to serious cyber attacks, such as Zero Day attacks, which are downright vicious. Automatic patching could be your safeguard here, though, because you don’t have to do the whole thing manually. Instead, an option such as […]

[…] we have observed in releasing patches for browser vulnerabilities, but also in applications, where Internet exploits are used to deliver malicious […]

[…] Exploits in this category, targeting Oracle Java, Adobe Reader or Adobe Flash software and derivative applications will continue to rise in numbers and severity, which is why every user should get adequate protection. […]

[…] campaigns and drive-by downloads to deliver malware but, as we have recently disclosed in this article, 70% of web attacks target a software vulnerability on your computer and 90% of them are delivered […]

[…] answer is “yes” in 99% of the cases. It’s essential to know that these types of software are notorious for their vulnerabilities, if left […]

Leave a Reply

Your email address will not be published. Required fields are marked *