Antivirus software

U.S. Computers Generate Most Malware

security,, threats, cybercrime, malware, sophos, spam
Graphic: Diego Aguirre
American websites host more malware and computers relay more spam than any other country, the latest security report showed.

As evidence of this, when an American Internet company, accused of collaborating with spammers and hackers, was disconnected from the net in November, the level of spam staggered down 75 percent.

The 'Security Threat Report 2009' was just published by Sophos, the U.K.-based IT security and control firm, which examined the threat landscape over the last twelve months, and predicted the emerging cybercrime trends for 2009.

Too many compromised computers

"Not only is the U.S. relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it's also carrying the most malicious Web pages," said Graham Cluley, senior technology consultant for Sophos. "We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today."

Sophos's research reveals that in 2008, organized criminal gangs tripled their attacks against innocent websites, injecting malicious code to infect visiting home users and businesses.

In addition, 2008 has seen concerted campaigns by hackers to pose as legitimate anti-virus vendors, creating new professional-looking websites and applications every day with the intention of scaring users into believing that their computers have been compromised.

On average, five new scareware websites were identified each day by Sophos, with the figure peaking at more than 20 per day on occasion.

Trusted networks targeted

The report also documented the major Internet attacks of 2008, and showed a rise in hackers spamming out malicious attachments, designed to compromise PCs in order to steal identities, money and resources. By the end of 2008, Sophos was tracking five times more malicious attacks arriving through files attached to e-mails than at the start of the year.

Spammers and malware authors have shown interests in websites such as Facebook - hacking into innocent users' accounts to take advantage of trusted social networks and send spam and malware.

"The last year proved beyond doubt that Internet hacking gangs are organised like never before, often working across borders to steal money and data from unsuspecting users. The volume of attacks has increased, with hackers using automated systems to break into vulnerable websites or generate new variants of their malware," said Cluley.

"People need to wake up to the reality that the completely legitimate Web site they are visiting could be harbouring a dangerous malware infection planted by hackers. As we enter 2009, we are not expecting to see these assaults diminish. As economies begin to enter recession it will be more important than ever for individuals and businesses to ensure that they on guard against Internet attack," he said.

Internet attacks are overwhelmingly orchestrated via networks of innocent home computers that have--unknown to their owners--been commandeered by hackers. Sophos urges home users and businesses to properly defend their personal computers with up-to-date anti-virus software, security patches and firewalls.

Statistics and findings

• Biggest malware threats - SQL injection attacks against websites and the rising tide of scareware.

• New Web infections - one new infected Web page discovered by Sophos every four and a half seconds (Three times faster than in 2007).

• Malicious e-mail attachments - five times more at end of 2008 than at the beginning.

• U.S. hosts the most malware on the Web (37 percent), usurping China's position in 2007.

• U.S. computers relay the most spam (17.5 percent).

• Increasing allegations of state-sponsored cybercrime, as China, North Korea, Russia and Georgia amongst those accused of espionage and assaults via the Internet.

Top malware-hosting countries

In 2007, China was responsible for hosting more than 50 percent of all Web-based malware. This position was taken over by the U.S. in 2008.

The top ten malware-hosting countries in 2008 are:

1. U.S. 37.0 percent

2. China (including HK) 27.7 percent

3. Russia 9.1 percent

4. Germany 2.3 percent

5. South Korea 2.1 percent

6. Ukraine 1.8 percent

7. United Kingdom 1.7 percent

8. Turkey 1.5 percent

9. Czech Republic 1.3 percent

10. Thailand 1.2 percent

Other malware-hosting countries in Asia are Malaysia (0.1 percent), Japan (0.1 percent), Singapore (less than 0.1 percent). The spam-relaying countries are Philippines (0.9 percent), Japan (0.6 percent), Australia (0.6 percent), and Singapore (0.3 percent).

Subscribe to the Daily Downloads Newsletter

Comments