Signature-based Antivirus is not adequate
Poorly written malware will set off antivirus alarms on end-user PCs accessing the injected website. While this is embarrassing and damages the corporate reputation, ultimately it will not compromise those clients who have enabled and properly configured their basic desktop security mechanisms.
However, the vast majority of malware is crafted using obfuscation, encoding and packing techniques that make it invisible to even the most up to date AV. When dealing with this type of malware, signature based detection is largely ineffective.
Google Safe Browsing API is not adequate
Malware injection causes Internet users to download and execute malware without their knowledge or consent. Without active malware injection monitoring, business owners will only be aware that their website is initiating drive-by downloads when it is flagged by search engines (such as Google) as a source of malware. Once this happens, business reputation will be severely damaged and website traffic will decrease, driving down business revenue and marketing profile.
There are technologies that consolidate malware threat feeds and signatures from Google's malware samples. However, as they are largely reliant on Google's Safe Browsing Index, they will rarely alert businesses in time to prevent Google flagging.
Behavioral analysis detects malware injection immediately
The ideal solution is an active malware injection monitoring service such as HackAlert™. This behavioral analysis solution scans the website continuously, generating HTTP requests and analyzing HTTP responses for parameters that exhibit potential malicious behavior such as obfuscated redirection to 3rd party websites or active malware downloads. For more information on HackAlert™ refer to HackAlert FAQ for more details.