Sophos, a world leader in IT security and control, has revealed
the most prevalent malware threats causing problems for computer
users around the world during April 2007.
The figures compiled by Sophos's global network of monitoring
stations, reveal that cybercriminals are currently preferring to
spread their malware via the web than by email. 245,790 webpages
hosting malicious code were identified in April, averaging at 8,193
infected webpages each day.
The top ten list of web-based malware threats in April 2007
reads as follows:
Mal/Iframe, dominated the web-based malware chart in April,
accounting for nearly half of the world's web threats. Iframe-based
malware operates like a growing number of web-based attacks,
looking for vulnerabilities on legitimate hosted websites and
injecting malicious code onto the site. Once the site is infected,
unwary visitors without web security, firewall or patches on their
PCs, can themselves be infected.
"The Iframe-based attacks are a perfect example of a prolific
web threat that target vulnerable sites - it doesn't care whether
the site is hosting pornography or gardening tips," said Carole Theriault, senior
security consultant at Sophos. "This problem is not just a niggle:
Sophos research shows that a whopping 70% of web-based malware is
being hosted on innocent but exploited websites. With people being
lured to these innocent but compromised webpages via cleverly
worded email invitations, web security has to go beyond blocking
websites based upon category alone. A secure web defense will also
scan pages for malicious content, regardless of whether they are on
a site you would normally consider 'safe'."
The top ten list of countries hosting malware-infected websites
in April 2007, reads as follows:
| Position |
Country |
Percentage |
| 1 |
China (inc.Hong Kong) |
|
| 2 |
United States |
|
| 3 |
Russia |
|
| 4 |
Germany |
|
| 5 |
France |
|
| 6 |
Canada |
|
| 7 |
South Korea |
|
| 8 |
Ukraine |
|
| 9= |
Netherlands |
|
| 9= |
United Kingdom |
|
| Others |
2.7% |
In April, China and Hong Kong were responsible for hosting more
than half of the infected websites identified by Sophos, a
significant increase when compared to March, when they were hosting
36%. China's rise in the chart is primarily due to the country
hosting a large proportion of unpatched sites infected with this
Iframe malware. However, 90% of all detected Hong Kong-based hacked
websites were infected with Psyme.
"The UK has fallen from fifth in March to tenth position this
month," continued Theriault. "This is more a sign of hackers
finding a mountain of unpatched websites in China and the States
rather than the UK being successful at cleaning up its sites. It
would be great to see the UK fall completely from this list. If you
are running a website, make sure your web server and software are
patched against vulnerabilities."
The top ten list of email-based malware threats in April 2007
reads as follows:
Sophos has also revealed that while Netsky has held onto the
number one spot for email-borne threats, Dref has shot back into
the chart at number two, accounting for 24% of all malware spread
via email.
A graphic of the top ten email-based malware chart is available.
The top ten hoaxes and chain letters in April were as
follows:
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.