IT security firm Sophos today released a list of the top ten countries hosting malware on the web, indicating which territories are the biggest offenders.<\/p>\n
Sophos detected over 50,000 newly infected web pages every day with its findings revealing that the problem of compromised websites is truly global.<\/p>\n
Top ten countries hosting malware on the web, January – December 2009:<\/p>\n
1. United States 37.4%<\/p>\n
2. Russia 12.8%<\/p>\n
3. China 11.2%<\/p>\n
4. Peru 3.7%<\/p>\n
5. Germany 2.6%<\/p>\n
6. South Korea 2.4%<\/p>\n
7. Poland 2.1%<\/p>\n
8. Thailand 2.0%<\/p>\n
9. Turkey 1.9%<\/p>\n
10. United Kingdom 1.6%<\/p>\n
Other 22.3%<\/p>\n
“The USA is still hosting more dangerous infected websites that any other country. However, just because the malware is planted on the web in these countries doesn’t necessarily mean that the hackers themselves are based in the same place. Cyber criminals will attempt to infect websites anywhere in the world,” says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.<\/p>\n
While China and Russia continue to provide some strong competition for the top position, China’s share has dropped considerably from second place with 27.7% in 2008 to third behind Russia with 11.2% in 2009.<\/p>\n
China’s drop down the chart continues a trend set in 2008, when China’s figure had dropped from 51.4% in 2007. The remainder of malicious pages are scattered all over the world, with Peru moving strongly up the list to fourth place at 3.7%.<\/p>\n
The traditional method of web attack was for hackers to create maliciously crafted sites and lure victims in with promises of desirable or salacious content – and this technique still continues to flourish. <\/p>\n
“This is now rivalled by the huge problem of criminals injecting viral code into legitimate sites that have not been properly secured,” says Myroff.<\/p>\n
“These hacked sites are particularly dangerous because of the large amount of traffic they may already receive, and because visitors may feel they can trust any unusual pop-ups they see.”<\/p>\n
A growing method that hackers use to exploit legitimate websites involves placing malicious adverts (known as “malvertising”). Websites that fell victim to malvertising attacks, and thus passed infections on to their readers, included The New York Times and technology website Gizmodo.<\/p>\n
Other compromised legitimate websites seen in the last year have included the sites of musician Van Morrison, the UK’s leading fish-and-chip chain Harry Ramsden’s, and the foreign embassies of India, Azerbaijan, Ethiopia, Republic of Sudan and the US Consulate General in St Petersburg, Russia. Many of these sites served up fake anti-virus scans, designed to scare visiting users into believing that their computer had a security problem and trick them into installing dangerous software or handing over their credit card details for a ‘cure’.<\/p>\n