Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

CommunityIQ Data Released For Online Threats

Avast Software : 16 April, 2010  (Technical Article)
Avast! Antivirus user community contribute to understanding of evolving web threats with first results published from malicious code sampling
Researchers at ALWIL Software, providers of the avast! Antivirus program, have released the first set of data from its CommunityIQ, an opt-in sensor program for the 100 million avast! Antivirus users.

CommunityIQ is the world's first large-scale sampling of online threats. Sensors in the avast! Antivirus program identify malware and infected websites by analyzing suspicious behaviour, use of malicious code, and past experience with other avast! users.

"The huge numbers of CommunityIQ member's create a "cloud" of sensors that gives us a real-time snapshot of the threats posed by websites across the internet," said Vince Steckler, CEO of avast! maker ALWIL Software. "Our cloud gives a huge time-sensitive amount of data on the state of malware and viruses across the web."

Globally, the 1Q'2010 set of data includes 252,000 infected domains which were visited and identified through 11.9 million visits by CommunityIQ members.

For UK-based websites, the list includes over 3,000 infected domains. Many of the infected sites - all with the suffix - were small businesses or travel sites such as, and

"Harry's bars wants to be a hot spot in Dorest, but not for malware infection, and they did have an iframe infection for 30 days. Most of the sites on our list are legitimate places that a normal user would never suspect could be infected - but they are," said Steckler. "And we know Harry's had an infection due to repeated visits by our CommunityIQ members. Other infections have lasted much longer, such as the 153 days at There are sites on our list - mostly adult-orientated - that have been designed to spread malware. But, these are the minority. If you look at the total number of user visits, it's the ordinary sites that are the most dangerous."

For French-based websites, CommunityIQ members visited over 300 infected domains every day with the .fr (France) suffix, identifying over 3,000 separate domains during the quarter. Three of the most infected sites by number of visitors were,, and "Free" is big attraction for malware targeting French consumers, with over a sixth of the sites pushing malware using the word free in the url.

"Every time a CommunityIQ member visits a website, the avast! antivirus installed in their computer performs a rigorous scan and examines the behaviour of the site for any infection, viruses, or suspicious activity. If this uncovers malware, avast! then shuts off the connection - protecting the user's computer - and sends data off for analysis.

This anonymous packet of data includes information on the malware type, visited website, and computer applications running at the time of exposure. The data allows the discovery of known infections and provides useful clues through behavioral analysis and cross-referencing of operating systems, service packs, browser data to allow avast! researchers to spot variants and also new threats and possible attack vectors.

By combining reports from individual CommunityIQ members, avast! researchers are able to identify new malware, chart the spread and duration of the infection. Other CommunityIQ data is processed automatically and forms the basis for the daily virus database updates.

"The data from the IQcommunity is invaluable as it is based on the real surfing experience of a large sample size," explains Mr. Steckler. "Most community members are just average PC users that go online as part of their daily regime. This increases the potential to find and clarify new threats at close to or even at zero day."

avast! will be releasing a detailed CommunityIQ internet security barometer report later in the year which will have detailed statistics on the threat landscape broken down by country and domain as well as information on emerging threats captured by behavioral analyses.

"Our goal is to make information from the CommunityIQ freely available to improve overall internet security," adds Steckler, "We would also like to thank users within the CommunityIQ for their support and wish them happy - and safe - surfing."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo