This article over at SecurityFocus has some eye-opening comments from the authors of the MPack exploitation kit. The growing use of compromised websites as an exploitation platform against end users is a worrying trend. There are a couple of tongue-in-cheek comments like these:
Do you feel sorry for the people whose machines are infected by an attack?
Well, I feel that we are just a factory producing ammunition.
How widespread is MPack at this point?
I really don’t know about the number of (download) servers. I suppose it counts in the tens. But if you are talking about the pages containing the IFrame that refers to the server with the pack, that may be in the tens of thousands. (Some security firms’ estimates of hundreds of thousands) sound a bit large but may be true. The clients don’t give us any usage statistics.