Study: US servers host majority of malicious code

U.S., U.K., Canada, Germany and Italy found to be the world's malware leaders

Forget China, Russia or eastern European countries. When it comes to malicious code, U.S.-based servers host an overwhelming majority of it, according to security vendor Finjan.

That conclusion is based on an analysis of more than 10 million URLs collected from live end-user traffic in the U.K using Finjan's content inspection engines, said Yuval Ben-Itzhak, chief technology officer Finjan. Unlike some other studies, which look at domain names to make assumptions on where a server is based, Finjan's research tracked each IP address to its exact geographical location, Ben-Itzhak said.

"Most people think of Russia and China when you talk about malicious code," he said. "However, it appears this fact is no longer valid. What we found was that about 80% of the malicious code comes from servers hosted in the U.S."

The other top countries hosting malicious code are the U.K., with 10%, and Canada, Germany and Italy, Ben-Itzhak said. "The results of this study shatter the myth that malicious code is primarily being hosted in countries where e-crime laws are less developed," he said.

One of the reasons for the trend could simply be that free Web hosting servers are more readily available in North America and Europe than in some other regions, according to Finjan. That makes it more cost-effective for cybercriminals to host malicious code on servers in those countries. In many cases, malicious code also appears to have been hosted on servers offering legitimate content that were compromised by hackers, the report said.

The Finjan report also notes a continued trend toward the appearance of malicious code on legitimate sites frequented by business users and consumers. Unlike in the past, when most malicious code was found on questionable sites such as those hosting porn, users are now just as likely to get infected when visiting finance and travel sites, for instance.

Advertisements containing malicious code continue to be a growing problem, Ben-Itzhak said. The fact that numerous parties -- ad agencies, affiliate networks and adware makers -- are involved in the delivery chain from advertiser to consumer, makes it an ideal channel to hide spyware and other malware, Ben-Itzhak said.

One recent example was an advertisement for a security program called WinFixer that started appearing on Microsoft's Windows Live Messenger in February without the company's consent or knowledge. Similarly, last June, malware contained in a banner advertisement on MySpace.com managed to infect about 1 million PCs, the Finjan report noted.

Cybercriminals are also increasingly planting their code in search engine results from Google, Yahoo and MSN, the report warned.

In most cases, the malicious code that is being distributed are botnets and Trojan programs, the Finjan report said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?