Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

The USA, China and Russia host over half of all the planet's malware

Sophos : 04 February, 2010  (Technical Article)
Sophos reveals the top 10 countries of the world hosting malware with America still topping the list with over 37% of all malware hosted in the nation
IT security and data protection firm Sophos has revealed details of the top ten countries hosting malware on the web, passing on malware infections to innocent computer users.

Every day Sophos discovers over 50,000 newly infected webpages, and its findings reveal that the problem of compromised websites is truly global.

Top ten countries hosting malware on the web, January - December 2009:

1. United States 37.4%
2. Russia 12.8%
3. China 11.2%
4. Peru 3.7%
5. Germany 2.6%
6. South Korea 2.4%
7. Poland 2.1%
8. Thailand 2.0%
9. Turkey 1.9%
10. United Kingdom 1.6%
Other 22.3%

'The USA is still the dirty man of the web world - hosting more dangerous infected websites that any other country,' said Graham Cluley, senior technology consultant at Sophos. 'Of course, just because the malware is planted on the web in these countries doesn't necessarily mean that the hackers themselves are based in the same place. Cybercriminals will attempt to infect websites anywhere in the world - it's perfectly possible for a website in Tooting to be infected by a hacker in Timbuktu.'

The US remains the main hosting ground for malicious webpages. While China and Russia continue to provide some strong competition for the top position, China's share has dropped considerably from second place with 27.7% in 2008 to third behind Russia with just 11.2% in 2009.

China's drop down the chart continues a trend set in 2008, when China's figure had dropped from 51.4% in 2007. The remainder of malicious pages are scattered all over the world, with Peru moving strongly up the list to fourth place with 3.7%.

'The traditional method of web attack was for hackers to create maliciously crafted sites and lure victims in with promises of desirable or salacious content - and this technique still continues to flourish.

But it is now rivalled by the huge problem of criminals injecting viral code into legitimate sites that have not been properly secured,' explained Cluley. 'These hacked sites are particularly dangerous because of the large amount of traffic they may already receive, and because visitors may feel they can trust any unusual popups they see.'

One of the growing methods through which hackers exploited legitimate websites during the last 12 month was the placing of malicious adverts (known as 'malvertising'). Websites that fell victim to malvertising attacks, and thus passed infections on to their readers, included the New York Times and technology website Gizmodo.

Other compromised legitimate websites seen in the last year have included the sites of musician Van Morrison, the UK's leading fish-and-chip chain Harry Ramsden's, and foreign embassies of India, Azerbaijan, Ethiopia, Republic of Sudan, and the US Consulate General in St Petersburg, Russia. Many of these sites served up fake anti-virus scans, designed to scare visiting users into believing that their computer had a security problem and trick them installing dangerous software or handing over their credit card details for a 'cure'.

'Webmasters need to take much better care of their sites, ensuring that they are securely coded and properly patched against hackers injecting malicious software into their pages,' continued Cluley. 'Meanwhile, all computer users should be protected by a security solution that scans every webpage visited, and every link clicked on, to see if it could contain dangerous content. You scan your email for viruses - you should do the same for websites.'

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo