China can keep on denying that its People's Liberation Army is responsible for infiltrating government networks, but good luck denying that it's pumping out the most malware on the planet.
Sophos nailed China as the top junk-spewer back in its July 2007 Sophos Threat Report. In the report, Sophos said that China servers are behind 44.8 percent of the world's malware-infected sites. That's more than the next three top countries serving junk combined: the United States, at 20.8 percent, Russia with 11.3 percent, and Ukraine, at 7.7 percent.
That yearly average isn't actually a reflection of the apex of China's malware serving, though. At the end of 2006 the country hosted just over a third of all malware, it then surpassed the United States and in the first six months of 2007 served up more than half of all malware—at least, the threats reported to Sophos.
But as Sophos says, just because Chinese servers are hosting junk doesn't mean the criminals are actually in China.
"Although a worrying number of Chinese-based Web pages are being found containing malicious code designed to infect Web surfers worldwide, it does not necessarily mean that the criminals behind these attacks are based in the country," Graham Cluley, a senior technology consultant at Sophos, said in a release. "Cyber-crime is a truly global problem and all businesses must ensure they are properly protected."
As for why China's servers are such accommodating hosts, Sophos credits the widespread rate of Mal/Iframe infections on Chinese hosted sites, with more than 80 percent of the country's compromised Web pages being stricken with the malware.
Google also recently came out with some interesting related news regarding what flavor of server malware senders like to use (or exploit and then use) and why software piracy puts China at the head of the malware game.
In its June report, Google cited piracy statistics from NationMaster that estimate piracy rate (the number of pirated software units divided by the total number of units put into use) at 92 percent in China in 2004, and from BSA, which put the figure at 55 percent for 2006.
Google also suggested that security patches aren't available for such pirated copies of Microsoft IIS, meaning that a larger percentage of Chinese IIS servers are potentially compromised.
Return to internet news headlines
View Internet News Archive