Security company Sophos reported last month that the number of malicious Web sites has skyrocketed over the past few months, from 5,000 new ones a day in April to nearly 30,000 a day in early July. One reason, according to Sophos researchers, is that hackers are increasingly turning away from e-mail as their preferred method of spreading malware and putting their focus on malicious sites. In some cases, they're creating their own sites, but in most cases they're hacking into legitimate sites and embedding malware into them.
The mock-up of the alert appears as a red-letter warning that doesn't have a click-through option, and the malicious page wouldn't be able to load. It's still a work in progress, and it could change dramatically before Firefox 3.0 ships, Snyder says. Technicians are debating whether there should be an override mechanism that lets users go to malicious pages regardless of the danger.