"About 15 percent of malicious sites designed to steal information have kit code or a derivation of kit code," said Dan Hubbard, the vice president of security research at San Diego-based Websense.