[ISN] China now global hub for spyware

From: InfoSec News (isn@private)
Date: Fri May 12 2006 - 01:10:50 PDT


By John E. Dunn
11 May 2006

China has overtaken the US as the major distributor of spy and
malware, the latest trend report from Webroot has claimed.

The company used its "Phileas" malware tracking system to reckon
China's proportion of global spyware as being 42 percent for the first
quarter of 2006, with the US a distant second at 17 percent. This
reverses the figures for Q4 of 2005, where the US was ahead.

If accurate, the figures are a strong indication that 2006 will be the
year that China, as long predicted, overtakes the US as the world’s
number one malware producer. Last month, Sophos rated China as now
only a fraction behind the US in the bellweather spam production

The Netherlands, France and Spain come next with a combined total of
12.5 percent of malware, but no one country comes close to two main

Other statistics include the news that the cumulative figure for
malware-distribution sites has risen from 400,000 in 2005 to 427,000
in the first quarter of this year.

The report notes that phishing attacks have made a comeback, after a
period of relative stability, something the company attributes to the
easier availability of Trojan source code on the Internet.

Keyloggers are also advancing, with new techniques such as
kernel-level driver designs and rootkits to the fore. More and more of
these programs are setting out to disrupt anti-malware software as
part of their attempt to avoid detection. The average piece of malware
now comes in ten different variants.

Explanations for China's increasing prominence in malware vary. Some
have said that the country is favoured as a relay point for attacks
that originate elsewhere thanks to its lax controls and legislation.  
So the statistsics don't necessarily mean that China is the world's
largest producer of malware, only its new distribution hub.

Webroot points to legislation as being the deciding factor.

"One reason for China's hosting growth could be due to impending
anti-spyware legislation in the United States driving spyware writers
to less monitored and regulated countries," the report says.

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.

This archive was generated by hypermail 2.1.3 : Fri May 12 2006 - 01:18:03 PDT