[ISN] China hosts nearly half of malware sites

From: InfoSec News (alerts@private)
Date: Tue Sep 04 2007 - 02:59:36 PDT


http://www.zdnetasia.com/news/security/0,39044215,62031747,00.htm

By Victoria Ho
ZDNet Asia
September 03, 2007

China is host to almost half of the world's malware-infected Web sites.

According to a report released Monday by antivirus company Sophos, 
China--including Hong Kong--hosted 44.8 percent of the world's infected 
sites in August 2007. The United States ranked a distant second, hosting 
20.8 percent of Web sites that contain malicious code.

The number of infected Web pages has also grown. Sophos said that it 
detected an average of 5,000 new infected pages each day in the month of 
August.

The company warned that simply staying clear of sites hosted in the top 
three countries of China, United States and Russia was not effective in 
avoiding malware.

Said Carole Theriault, Sophos senior security consultant, in a 
statement: "While more than three quarters of infected Web pages are 
hosted in just three countries, that doesn't mean you only get hit if 
you visit Web sites based in those areas.

"Hackers are hijacking Web sites around the world to make them point to 
malware on sites based in China, the United States and Russia. 
Cybercriminals don't discriminate when it comes to targeting the Web," 
she added.

Sophos also warned against a sharp rise in spam pointing people to these 
infected sites. Malicious senders, in an attempt to bypass attachment 
virus scanners, are using messages that direct users to Web sites with 
malicious code. Computers get infected when users click on the links in 
the e-mail message.

"Most malware writers...are using spam and the Web to infect users," 
said Theriault. "Criminals are hard at work trying to slip past filters 
at the corporate gateway."

June saw a spike in spam hosted on Chinese domains, where the figure 
rose from almost zero to 450 spam domains.


____________________________________
Attend HITBSecConf2007 - Malaysia 
Taking place September 3-6 2007 featuring seven tracks of technical 
training and a dual-track security conference with keynote speakers 
Lance Spitzner and Mikko Hypponen!  -  Book your seats today! 
http://conference.hitb.org/hitbsecconf2007kl/



This archive was generated by hypermail 2.1.3 : Tue Sep 04 2007 - 03:09:16 PDT