In the most recent Security Threat Report, security vendor Sophos has blasted the U.S. for hosting more malicious content than any other nation. Point in case, the U.S. hosted thirty-seven percent of the world's Malware in 2008.
Sophos releases new security report shaming the U.S. for Malware.(IMG:Sophos)
"Not only is the USA relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it's also carrying the most malicious Web pages," said Graham Cluley, senior technology consultant for Sophos.
"We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today."
As evidence of this, when an American internet company (McColo), accused of collaborating with Spammers and criminals, was disconnected from the net in November, there was a staggering seventy-five percent drop in spam. The levels of spam and bot activity has started pick up again from locations other than the U.S. however.
The other top producers according to the report include China (#2), Russia (#3), Germany (#4), and South Korea (#5).
Another trend is the rate of Web page infection. Sophos said that they have discovered a newly infected Web page every 4.5 seconds. New Spam-related sites are discovered every fifteen seconds.
Sophos also makes a prediction. “Although the sheer number of Windows threats far outweighs attacks against any other platform, cybercriminals are turning their attention to other operating systems such as Apple Macintosh, and vulnerable cross platform software. This seems likely to continue in 2009, with the increasing popularity of portable devices such as the iPhone, iPod Touch, Google Android phone, and ultra mobile [notebooks].”
Spammers and Malware authors have also shown a serious interest in websites like Facebook - breaking into accounts to take advantage of trusted social networks and send Spam and malware. The criminals are taking advantage of the complete lack of common sense for the bulk of the Facebook network; this is also the case for MySpace users.
In a perfect example of why Social Engineering works, Facebook was in the spotlight recently over an outbreak of the Koobface Trojan. Koobface uses the social network's messaging system to infect PCs, and then tries to gather sensitive information such as credit card numbers.
It was spreading because people clicked on messages that appeared in their message box touting a recent video appearance. While most people would or should recall that they were in a home movie recently, most of them didn’t think along those lines and installed the Malware on their own with little prompting. (It was disguised as a video codec.)
Looking to the future, Sophos concludes that there will be an increase in malicious email attachments.
“These will be legitimate looking data files, such as Word DOCs and PDFs that are booby-trapped with exploits against software vulnerabilities. Viewing these files, which would be harmless on a patched computer, could lead to an invisible disaster on an unpatched one,” the report states.
Web server security is another prediction. “…notably weakness against automated remote attacks such as SQL injections, will continue to be the primary way of distributing web-borne malware.”
The full report is available now online: http://www.sophos.com/securityreport2009
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story