For example, a huge spam run with a Trojan horse program - one that looks harmless but isn't - is usually quickly detected by antivirus companies, which issue updates for their software to detect the malware.
However, the quantity of malicious code has moved security vendors to add other defenses to their software, such as the ability to detect when a new program is doing something suspicious, such as suddenly communicating with a remote server.
It wasn't immediately clear how many Wwebsites may be using this style of attack. However, Finjan said it's an example of how hackers are raising the bar to mask their attacks on computers and steal data, such as bank details.
"Large numbers of infected users means higher revenues for the attackers," Finjan said.