U.S. replaces China as top source of malicious servers

The USA has replaced China as the top source of computer servers being used by cybercriminals to dish out malicious programs.

Kaspersky Lab reports that 28% of 1.9 million servers it found distributing malware in the first three months of this year were located in the U.S. That compares to China as the source of 33% of 85.9 million malicious servers Kaspersky tracked down in the final quarter of 2009.

Russia is currently the no. 2 source, accounting for 22.6% of malicious servers. China has dropped to third. Over the course of a few months, China has cut the use of malicious servers by more than half.

Chinese authorities recently have begun implementing more stringent procedures for registering Internet addresses, says Kaspersky senior researcher Roel Schouwenberg. A written statement is now required from the domain registrant, he says, and the requesting party must provide passport information and complete a lengthy application to a national agency, the CNNIC.

In the U.S. and Russia, it’s still quick and anonymous to register new domains online via services such as Go Daddy. “It would be interesting to see what will happen if regulations like the ones in China were to catch on in other countries,” says Schouwenberg. “It shows that the entities in the U.S. are not doing a good job protecting their servers from compromise and that the U.S. is still a good place to host malicious content.”

Other Kaspersky first-quarter findings of note:

  • Over 327 million attempts were made to infect users’ computers around the world, an increase of 26.8% over the previous quarter.
  • The total number of exploits targeting vulnerabilities in browsers and plug-ins, as well as PDF viewers increased by 21.3%, with nearly half of them targeting vulnerabilities in Adobe programs.
  • Two families of malicious programs targeting Adobe products — Exploit.Win32.Pdfka and Exploit.Win32.Pidief — account for 47.5% of all detected exploits. These are PDF documents containing JavaScript scenarios that, without the user’s knowledge or consent, download and launch other pieces of malware onto the victim’s hard drive.

“The amount of cybercriminals is ever growing,” says Schouwenberg. “Until we have effective laws which are enforced — by arrests -– the number will continue to grow. Cybercrime is profitable so there’s no reason to assume otherwise.”

By Byron Acohido

via U.S. replaces China as top source of malicious servers – USATODAY.com.

Tagged on:

Leave a Reply