Web pages infected by malware continued to pose a threat in May, affecting official government websites as well as other legitimate pages, as did email-borne threats, according to IT security firm Sophos, MarketingCharts writes.

Sophos uncovered on average 9,500 new infected web pages daily in May - an increase of more than 1,000 every day compared with April, sophos said (via e-consultancy). In total, Sophos identified 304,000 web pages hosting malicious code in May.

The top 10 list of web-based malware threats in May:

Iframe, which works by injecting malicious code onto legitimate web pages, continues to dominate the chart, accounting for almost two thirds of all web-based threats in May. Three "newcomers," Redlof, Roor and Soraci, are appending viruses, infecting HTM, HTML and HTT files, among others. They are relatively old viruses, illustrating that many web administrators are failing to keep their websites safe from hackers, Sophos said.

The top 10 list of countries hosting malware-infected web pages in May 2007 were as follows:

China is responsible for hosting more than half of infected web pages identified by Sophos, largely due to increased reports of Iframe, which has been widely reported on unprotected Chinese web pages. The US is second in hosting malware-infected pages, with more than 27%.

Thailand has entered the chart for the first time at number five. Sophos research found that many of the infected web pages hosted in Thailand are on government websites that have been infected by malware.

MarketingCharts also provides the top 10 list of email-based malware threats in May as well as the top 10 email hoaxes and chain letters.