Drive-by code and Phishing on Swiss websites in 2014

In 2014, about 1,800 Swiss websites were cleaned from drive-by code, compared with 2,700 in 2013, a decline of 33%. At the same time, the number of phishing cases affecting .ch and .li top-level domains rose from only a handful in 2013 to more than 300.

Drive-by code on Swiss websites in 2014

Last year, 35,796 suspicious drive-by URLs in the .ch and .li top-level domains were reported to SWITCH. Security experts from SWITCH-CERT automatically sent requests to these servers and analysed the responses, looking for malicious code injected into the HTML source code. When an expert identified malicious code, the registrar or domain name holder and the web hoster were notified and asked to remove it within one working day. This was done for 1,839 domain names in 2014. In 1,493 (81%) cases, the code was removed by the web hoster or domain holder within one day. For the other 346 domains, the deadline was not met, and the domain name was temporarily suspended to prevent further damage to website visitors. Some 264 (14%) of the infected websites were cleaned of malicious code, with the remaining 82 domain names having to be reactivated after five days, the maximum suspension time by law. A request for identification was sent to the holders of all 82 domains, resulting in an additional 59 (3.2%) of websites being cleaned. A total of 23 (1.3% of all notified) domain names were deleted after 30 days because the domain holder failed to respond to the identification request.

Compromised .ch and .li websites used for drive-by infections by quarter

Continue reading “Drive-by code and Phishing on Swiss websites in 2014”

The March 2015 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Fish bites angler – Lenovo, Komodia and Superfish
  • Gemalto-gate – secret service hack goes right to the roots of mobile security
  • Carbanak – digital bank robbery on a grand scale
  • It’s not all bad news – Europol takes down Ramnit botnet
  • The Clipboard: Interesting Presentations, Articles and Videos

The Security Report is available in both english and german language.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


IT-Security-Links #71


  • Das Bayrische Landesamt für Datenschutz hat aktuelle Smart-TVs auf Sicherheit und Datenschutz untersucht. Wegen des Verbraucherschutzes Schutzes von Betriebsgeheimnissen wird der Prüfbericht aber nicht veröffentlicht.
  • Die Digitale Gesellschaft Schweiz veröffentlichte ihren Swiss Lawful Interception Report 2015 zu den Überwachungsaktivitäten von Bund und Kantonen.
  • Mobiles Arbeiten liegt im Trend und ist mit Sicherheitsrisiken verbunden, auch in der Bundesverwaltung. Da ist es besonders kritisch, wenn sich entsprechende IT-Projekte, z.B. zur Absicherung von Fernzugängen, verzögern.