It looks like China is becoming a hotbed for malware and malicious websites (those sites that push malware infections via browser exploits).
They often used to be found in Korea and Taiwan and parts of Eastern Europe. According to the latest data, more than half of the sites are now located in China.
More than half of the Web sites foisting malicious software on visitors are located at networks in China, according to data released today.
Stopbadware.org, a joint project between researchers at Harvard, Oxford and Google, found that 52 percent of the more than 200,000 infected sites the group analyzed in late May were hosted at Chinese networks. In contrast, U.S.-based networks accounted for 21 percent of the bad sites, Stopbadware found.
The sites examined in the study were all reported as malicious by Google, which interestingly enough ranked as the 6th largest source of malicious Web sites in this report, with 4,261 malware sites. Most of those appear to be the result of scammers and virus writers devising ways to automate the creation of sites at Google-owned Blogger.com.
It’s somewhat ironic that it’s Google that labels malware sites…but a Google-owned property is in the top 10 for malicious web sites!
With Blogger.com coming in as the 6th largest source of malware…I really think it’s something Google needs to take a serious look at.
The numbers from just one month prior paint a much harsher picture for Google. Stopbadware never published these figures, but a source involved in the group’s effort shared data with Security Fix showing Google and Blogger as the 4th largest source of malicious sites, with more than 10,000 such domains.
Max Weinstein, project manager for Stopbadware, said the group plans to begin releasing stats on a monthly basis. Weinstein said he believes the spike in malicious domains at Google properties was due to the company’s recent aggressiveness in scanning its own sites for malware.
“When that first happened, Google’s numbers shot way up,” Weinstein said.
Hmm, interesting indeed. We’ll have to watch and see what Google is going to do about this; they really need to control it, especially with many of the new botnet infectors leveraging Blogger.com sites.
Source: Washington Post