In association with heise online

04 December 2007, 14:11

China remains virus dispersal hub

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

China apparently remains the most popular refuge for malicious code on the internet. According to Sophos, the majority of infected websites are currently located there. Around 55 percent of all virus dispersers are in China, just under 20 percent in the US and just 11 percent in Russia. The latter figure is a little surprising, as a high proportion of online criminal activity is thought to be carried out by the Russian Business Network - at present, however, the RBN seems to be on the ropes. Nonetheless, the Russian share of infected websites has doubled since July 2007.

Finjan has also observed an increase in the involvement of Chinese websites in attacks. Several groups are using extremely sophisticated techniques to conceal malicious code and get past standard security systems. These groups are also thought to have formed a network which interweaves infection of PCs via nefarious websites with downloads of malicious code. According to Finjan, one of the website belongs to a Chinese government office. Many companies have already fallen victim to Chinese industrial espionage. The Chinese government officially denies any involvement in such activities – but then what else could it do?

Sophos also reports a drop in the incidence of newly infected websites to 7500 per day for the month of November. In July this figure was 30,000 per day. The statistics do not really reveal whether the criminals have gone into hibernation. What is remarkable about the Sophos figures is that a three year old worm remains in second spot in the statistics for infected e-mails. W32/Traxg was found in 25 percent of the e-mails monitored by Sophos. Anti-virus software is clearly still an unknown concept for many users. Old hands such as NetSky and MyDoom have also remained for years in elevated positions in Heise's own virus stats.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit