The USA has replaced China as the top source of computer servers being used by cybercriminals to dish out malicious programs.
Kaspersky Lab reports that 28% of 1.9 million servers it found distributing malware in the first three months of this year were located in the U.S. That compares to China as the source of 33% of 85.9 million malicious servers Kaspersky tracked down in the final quarter of 2009.
Russia is currently the no. 2 source, accounting for 22.6% of malicious servers. China has dropped to third. Over the course of a few months, China has cut the use of malicious servers by more than half.
Chinese authorities recently have begun implementing more stringent procedures for registering Internet addresses, says Kaspersky senior researcher Roel Schouwenberg. A written statement is now required from the domain registrant, he says, and the requesting party must provide passport information and complete a lengthy application to a national agency, the CNNIC.
In the U.S. and Russia, it’s still quick and anonymous to register new domains online via services such as Go Daddy. “It would be interesting to see what will happen if regulations like the ones in China were to catch on in other countries,” says Schouwenberg. “It shows that the entities in the U.S. are not doing a good job protecting their servers from compromise and that the U.S. is still a good place to host malicious content.”
Other Kaspersky first-quarter findings of note:
- Over 327 million attempts were made to infect users’ computers around the world, an increase of 26.8% over the previous quarter.
- The total number of exploits targeting vulnerabilities in browsers and plug-ins, as well as PDF viewers increased by 21.3%, with nearly half of them targeting vulnerabilities in Adobe programs.
“The amount of cybercriminals is ever growing,” says Schouwenberg. “Until we have effective laws which are enforced — by arrests -– the number will continue to grow. Cybercrime is profitable so there’s no reason to assume otherwise.”
By Byron Acohido