Criminals running websites that push drive-by exploits overwhelmingly prefer the Firefox browser, according to a researcher who spent the past three months surveilling their browsing habits.
Mozilla's Firefox was used by 46 per cent of the exploit kit operators who were tracked in the study, according to Paul Royal, principal researcher at Purewire, a company that protects customers against malicious websites. One third of the Firefox users browsed using a 3.0 version, while 13 per cent had upgraded to the most recent 3.5 version.
Interestingly, Opera, which by some measures has only a 2 per cent market share, ranked second among the kit operators, with 26 per cent.
"I think that's probably because operators have a familiarity with the web threat landscape," Royal told The Register, suggesting that many black-hat hackers take a security-through-obscurity approach to making sure they themselves don't get hit. "It makes them wary of using mainstream browsers."
In a nutshell: use Firefox with the NoScript add-in and make your browsing life 90% more secure.